Vulnerabilities > EMC > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-07 | CVE-2017-5001 | Information Exposure vulnerability in EMC RSA Archer Egrc EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is affected by an information exposure through an error message vulnerability. | 4.3 |
| 2017-07-07 | CVE-2017-5000 | Information Exposure vulnerability in EMC RSA Archer Egrc EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is affected by an information exposure through an error message vulnerability. | 4.3 |
| 2017-07-07 | CVE-2017-4999 | Information Exposure vulnerability in EMC RSA Archer Egrc EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is affected by an authorization bypass through user-controlled key vulnerability in Discussion Forum Messages. | 6.5 |
| 2017-06-14 | CVE-2017-4986 | Information Exposure vulnerability in EMC Secure Remote Services 3.18 EMC ESRS VE 3.18 or earlier contains Authentication Bypass that could potentially be exploited by malicious users to compromise the affected system. | 5.3 |
| 2017-06-09 | CVE-2017-5004 | Cross-site Scripting vulnerability in multiple products EMC RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2 (all patch levels); RSA Via Lifecycle and Governance version 7.0 (all patch levels); and RSA Identity Management and Governance (IMG) version 6.9.1 (all patch levels) have Stored Cross Site Scripting vulnerabilities that could potentially be exploited by malicious users to compromise an affected system. | 5.4 |
| 2017-06-09 | CVE-2017-5003 | Cross-site Scripting vulnerability in multiple products EMC RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2 (all patch levels); RSA Via Lifecycle and Governance version 7.0 (all patch levels); and RSA Identity Management and Governance (IMG) version 6.9.1 (all patch levels) have Reflected Cross Site Scripting vulnerabilities that could potentially be exploited by malicious users to compromise an affected system. | 6.1 |
| 2017-02-03 | CVE-2016-9873 | Command Injection vulnerability in EMC Documentum D2 4.5/4.6 EMC Documentum D2 version 4.5 and EMC Documentum D2 version 4.6 has a DQL Injection Vulnerability that could potentially be exploited by malicious users to compromise the affected system. | 6.3 |
| 2017-02-03 | CVE-2016-9872 | Cross-site Scripting vulnerability in EMC Documentum D2 4.5/4.6 EMC Documentum D2 version 4.5 and EMC Documentum D2 version 4.6 has Reflected Cross-Site Scripting Vulnerabilities that could potentially be exploited by malicious users to compromise the affected system. | 6.1 |
| 2017-02-03 | CVE-2016-6649 | Command Injection vulnerability in EMC Recoverpoint and Recoverpoint for Virtual Machines EMC RecoverPoint versions before 4.4.1.1 and EMC RecoverPoint for Virtual Machines versions before 5.0 are affected by multiple command injection vulnerabilities where a malicious administrator with configuration privileges may bypass the user interface and escalate his privileges to root. | 6.7 |
| 2017-02-03 | CVE-2016-6648 | Permission Issues vulnerability in EMC Recoverpoint and Recoverpoint for Virtual Machines EMC RecoverPoint versions before 4.4.1.1 and EMC RecoverPoint for Virtual Machines versions before 5.0 are affected by sensitive information disclosure vulnerability as a result of incorrect permissions set on a sensitive system file. | 4.4 |