Filtered by vendor Emc
Subscriptions
Total
414 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-4989 | 1 Emc | 1 Avamar Server | 2025-04-20 | N/A |
| In EMC Avamar Server Software 7.3.1-125, 7.3.0-233, 7.3.0-226, 7.2.1-32, 7.2.1-31, 7.2.0-401, an unauthenticated remote attacker may potentially bypass the authentication process to gain access to the system maintenance page. This may be exploited by an attacker to view sensitive information, perform software updates, or run maintenance workflows. | ||||
| CVE-2017-4979 | 1 Emc | 1 Isilon Onefs | 2025-04-20 | N/A |
| EMC Isilon OneFS 8.0.1.0, OneFS 8.0.0.0 - 8.0.0.2, OneFS 7.2.1.0 - 7.2.1.3, and OneFS 7.2.0.x is affected by an NFS export vulnerability. Under certain conditions, after upgrading a cluster from OneFS 7.1.1.x or earlier, users may have unexpected levels of access to some NFS exports. | ||||
| CVE-2017-5002 | 1 Emc | 1 Rsa Archer Egrc | 2025-04-20 | N/A |
| EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is affected by an open redirect vulnerability. A remote unprivileged attacker may potentially redirect legitimate users to arbitrary web sites and conduct phishing attacks. The attacker could then steal the victims' credentials and silently authenticate them to the RSA Archer application without the victims realizing an attack occurred. | ||||
| CVE-2017-5004 | 2 Emc, Rsa | 3 Rsa Identity Governance And Lifecycle, Rsa Identity Management And Governance, Rsa Via Lifecycle And Governance | 2025-04-20 | 5.4 Medium |
| EMC RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2 (all patch levels); RSA Via Lifecycle and Governance version 7.0 (all patch levels); and RSA Identity Management and Governance (IMG) version 6.9.1 (all patch levels) have Stored Cross Site Scripting vulnerabilities that could potentially be exploited by malicious users to compromise an affected system. | ||||
| CVE-2017-8006 | 1 Emc | 1 Rsa Authentication Manager | 2025-04-20 | N/A |
| In EMC RSA Authentication Manager 8.2 SP1 Patch 1 and earlier, a malicious user logged into the Self-Service Console of RSA Authentication Manager as a target user can use a brute force attack to attempt to identify that user's PIN. The malicious user could potentially reset the compromised PIN to affect victim's ability to obtain access to protected resources. | ||||
| CVE-2017-8017 | 1 Emc | 1 Smarts Network Configuration Manager | 2025-04-20 | N/A |
| EMC Network Configuration Manager (NCM) 9.3.x, 9.4.0.x, 9.4.1.x, and 9.4.2.x is affected by a reflected cross-site scripting Vulnerability that could potentially be exploited by malicious users to compromise the affected system. | ||||
| CVE-2017-8024 | 1 Emc | 1 Isilon Onefs | 2025-04-20 | N/A |
| EMC Isilon OneFS (versions prior to 8.1.0.1, versions prior to 8.0.1.2, versions prior to 8.0.0.6, version 7.2.1.x) is impacted by a reflected cross-site scripting vulnerability that may potentially be exploited by malicious users to compromise the affected system. | ||||
| CVE-2017-8025 | 1 Emc | 1 Archer Grc Platform | 2025-04-20 | N/A |
| RSA Archer GRC Platform prior to 6.2.0.5 is affected by an arbitrary file upload vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to upload malicious files via attachments to arbitrary paths on the web server. | ||||
| CVE-2016-9868 | 1 Emc | 1 Scaleio | 2025-04-20 | N/A |
| An issue was discovered in EMC ScaleIO versions before 2.0.1.1. A low-privileged local attacker may cause a denial-of-service by generating a kernel panic in the SCINI driver using IOCTL calls which may render the ScaleIO Data Client (SDC) server unavailable until the next reboot. | ||||
| CVE-2016-9870 | 1 Emc | 1 Isilon Onefs | 2025-04-20 | N/A |
| EMC Isilon OneFS 8.0.0.0, EMC Isilon OneFS 7.2.1.0 - 7.2.1.2, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, and EMC Isilon OneFS 7.1.0.x is affected by an LDAP injection vulnerability that could potentially be exploited by a malicious user to compromise the system. | ||||
| CVE-2016-0890 | 1 Emc | 1 Powerpath Virtual Appliance | 2025-04-20 | N/A |
| EMC PowerPath Virtual (Management) Appliance 2.0, EMC PowerPath Virtual (Management) Appliance 2.0 SP1 is affected by a sensitive information disclosure vulnerability that may potentially be exploited by malicious users to compromise the affected system. | ||||
| CVE-2016-6648 | 1 Emc | 2 Recoverpoint, Recoverpoint For Virtual Machines | 2025-04-20 | N/A |
| EMC RecoverPoint versions before 4.4.1.1 and EMC RecoverPoint for Virtual Machines versions before 5.0 are affected by sensitive information disclosure vulnerability as a result of incorrect permissions set on a sensitive system file. A malicious administrator with configuration privileges may access this sensitive system file and compromise the affected system. | ||||
| CVE-2016-8214 | 1 Emc | 2 Avamar Data Store, Avamar Virtual Edition | 2025-04-20 | N/A |
| EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) versions 7.3.0 and 7.3.1 contain a vulnerability that may allow malicious administrators to compromise Avamar servers. | ||||
| CVE-2016-8215 | 1 Emc | 1 Rsa Security Analytics | 2025-04-20 | N/A |
| EMC RSA Security Analytics 10.5.3 and 10.6.2 contains fixes for a Reflected Cross-Site Scripting vulnerability that could potentially be exploited by malicious users to compromise the affected system. | ||||
| CVE-2016-9873 | 1 Emc | 1 Documentum D2 | 2025-04-20 | N/A |
| EMC Documentum D2 version 4.5 and EMC Documentum D2 version 4.6 has a DQL Injection Vulnerability that could potentially be exploited by malicious users to compromise the affected system. An authenticated low-privileged attacker could potentially exploit this vulnerability to access information, modify data or disrupt services by causing execution of arbitrary DQL commands on the application. | ||||
| CVE-2016-6649 | 1 Emc | 2 Recoverpoint, Recoverpoint For Virtual Machines | 2025-04-20 | N/A |
| EMC RecoverPoint versions before 4.4.1.1 and EMC RecoverPoint for Virtual Machines versions before 5.0 are affected by multiple command injection vulnerabilities where a malicious administrator with configuration privileges may bypass the user interface and escalate his privileges to root. | ||||
| CVE-2017-14373 | 1 Emc | 1 Rsa Authentication Manager | 2025-04-20 | N/A |
| EMC RSA Authentication Manager 8.2 SP1 P4 and earlier contains a reflected cross-site scripting vulnerability that could potentially be exploited by malicious users to compromise the affected system. | ||||
| CVE-2017-14379 | 1 Emc | 1 Rsa Authentication Manager | 2025-04-20 | N/A |
| EMC RSA Authentication Manager before 8.2 SP1 P6 has a cross-site scripting vulnerability that could potentially be exploited by malicious users to compromise the affected system. | ||||
| CVE-2017-8016 | 1 Emc | 1 Archer Grc Platform | 2025-04-20 | N/A |
| RSA Archer GRC Platform prior to 6.2.0.5 is affected by stored cross-site scripting via the Questionnaire ID field. An authenticated attacker may potentially exploit this to execute arbitrary HTML in the user's browser session in the context of the affected RSA Archer application. | ||||
| CVE-2017-14375 | 2 Dell, Emc | 4 Emc Unisphere, Solutions Enabler, Vasa and 1 more | 2025-04-20 | N/A |
| EMC Unisphere for VMAX Virtual Appliance (vApp) versions prior to 8.4.0.15, EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.15, EMC VASA Virtual Appliance versions prior to 8.4.0.512, and EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4 (Enginuity Release 5977.1125.1125 and earlier) contain an authentication bypass vulnerability that may potentially be exploited by malicious users to compromise the affected system. | ||||