RSS   Vulnerabilities for 'Secure remote services'   RSS

2018-10-18
 
CVE-2018-11080

CWE-732
 

 
Dell EMC Secure Remote Services, versions prior to 3.32.00.08, contains Improper File Permission Vulnerabilities. The application contains multiple configuration files with world-readable permissions that could allow an authenticated malicious user to utilize the file contents to potentially elevate their privileges.

 
 
CVE-2018-11079

CWE-522
 

 
Dell EMC Secure Remote Services, versions prior to 3.32.00.08, contains a Plaintext Password Storage vulnerability. Database credentials are stored in plaintext in a configuration file. An authenticated malicious user with access to the configuration file may obtain the exposed password to gain access to the application database.

 
2017-06-14
 
CVE-2017-4986

 

 
EMC ESRS VE 3.18 or earlier contains Authentication Bypass that could potentially be exploited by malicious users to compromise the affected system.

 
2015-12-28
 
CVE-2015-6852

 

 
Directory traversal vulnerability in the API in EMC Secure Remote Services Virtual Edition 3.x before 3.10 allows remote authenticated users to read log files via a crafted parameter.

 
2015-07-05
 
CVE-2015-0544

 

 
EMC Secure Remote Services Virtual Edition (ESRS VE) 3.x before 3.06 does not properly generate random values for session cookies, which makes it easier for remote attackers to hijack sessions by predicting a value.

 
 
CVE-2015-0543

 

 
EMC Secure Remote Services Virtual Edition (ESRS VE) 3.x before 3.06 does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

 
2015-03-12
 
CVE-2015-0525

CWE-78
 

 
The Gateway Provisioning service in EMC Secure Remote Services Virtual Edition (ESRS VE) 3.02 and 3.03 allows remote attackers to execute arbitrary OS commands via unspecified vectors.

 
 
CVE-2015-0524

CWE-89
 

 
SQL injection vulnerability in the Gateway Provisioning service in EMC Secure Remote Services Virtual Edition (ESRS VE) 3.02 and 3.03 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

 

 >>> Vendor: EMC 177 Products
Networker
Retrospect client
Legato networker
Eroom
Navisphere manager
Retrospect
Rsa security sitekey
Data domain os
Vmware
Vmware server
Replistor
Vmware player
Documentum administrator
Documentum webtop
Diskxtender
Alphastor
Dantz retrospect backup server
Centera universal access
Documentum applicationxtender
Documentum applicationxtender workflow manager
Control center
Networker client
Networker module
Networker powersnap
Networker server
Networker storage node
Autostart
Captiva pixtools distributed imaging
Homebase server
Rsa key manager client
Avamar
Disk library
Celerra network attached storage
Replication manager
Data protection advisor collector
Rsa adaptive authentication on-premise
Data loss prevention enterprise manager
Sourceone email management
Documentum eroom
Data protection advisor
Captiva einput
Ionix acm
Ionix asam
Ionix ip
Rsa key manager appliance
Documentum content server
Documentum xplore
Documentum information rights management
Documentum applicationxtender desktop
Captiva quickscan pro
Celerra network server
VNX
VNXE
Lifeline
Applicationxtender desktop
Applicationxtender web access .net
Cloud tiering appliance virtual edition
Cloud tiering appliance
Rsa authentication agent
Rsa authentication client
Networker module for microsoft applications
Rsa data protection manager software server
Rsa data protection manager appliance
It operations intelligence
Rsa netwitness informer
Avamar plugin
Rsa archer egrc
Rsa archer smartsuite
Smarts network configuration manager
Smarts ip manager
Smarts mpls manager
Smarts network protocol manager
Smarts server manager
Smarts services assurance manager
Smarts voip availability manager
Documentum records manager
Documentum taskspace
Documentum wdk
Celerra control station
Vnx control station
Avamar server
Avamar server virtual edition
Geosynchrony
Vplex geo
Vplex local
Vplex metro
Atmos
Unisphere
Documentum capital projects
Documentum digital asset manager
Documentum web publisher
Document sciences xpression
Rsa netwitness nextgen
Rsa security analytics
Connectrix manager
Watch4net
Documentum foundation services
Rsa bsafe ssl-j
Rsa data loss prevention
Rsa bsafe
See all Products for Vendor EMC


Copyright 2024, cxsecurity.com

 

Back to Top