Vulnerabilities > EMC > Unisphere > Critical

DATE CVE VULNERABILITY TITLE RISK
2016-10-05 CVE-2016-6645 Improper Input Validation vulnerability in multiple products
The vApp Managers web application in EMC Unisphere for VMAX Virtual Appliance 8.x before 8.3.0 and Solutions Enabler Virtual Appliance 8.x before 8.3.0 allows remote authenticated users to execute arbitrary code via crafted input to the (1) GeneralCmdRequest, (2) PersistantDataRequest, or (3) GetCommandExecRequest class.
network
low complexity
emc dell CWE-20
critical
 9.0
9.0
2016-10-05 CVE-2016-6646 Improper Input Validation vulnerability in multiple products
The vApp Managers web application in EMC Unisphere for VMAX Virtual Appliance 8.x before 8.3.0 and Solutions Enabler Virtual Appliance 8.x before 8.3.0 allows remote attackers to execute arbitrary code via crafted input to the (1) GetSymmCmdRequest or (2) RemoteServiceHandler class.
network
low complexity
dell emc CWE-20
critical
 10.0
10
2015-06-29 CVE-2015-0545 Remote Code Execution vulnerability in EMC Unisphere for VMAX
EMC Unisphere for VMAX 8.x before 8.0.3.4 sets up the Java Debugging Wire Protocol (JDWP) service, which allows remote attackers to execute arbitrary code via unspecified vectors.
network
low complexity
emc
critical
 10.0
10