CVSS: 9.8 | EPSS: 4% | CPEs: 2 | EXPL: 0

EMC Data Protection Advisor 6.3.x before patch 67 and 6.4.x before patch 130 contains undocumented accounts with hard-coded passwords and various privileges. Affected accounts are: "Apollo System Test", "emc.dpa.agent.logon" and "emc.dpa.metrics.logon". An attacker with knowledge of the password could potentially use these accounts via REST APIs to gain unauthorized access to EMC Data Protection Advisor (including potentially access with administrative privileges).

• http://seclists.org/fulldisclosure/2017/Sep/36 http://www.securityfocus.com/bid/100846 http://www.securitytracker.com/id/1039370
• CWE-798: Use of Hard-coded Credentials

CVSS: 9.8 | EPSS: 0% | CPEs: 1 | EXPL: 0

EMC AppSync (all versions prior to 3.5) contains a SQL injection vulnerability that could potentially be exploited by malicious users to compromise the affected system.

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of EMC AppSync. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be easily bypassed. The specific flaw exists within Apollo REST services, which listen on TCP port 8445 by default. When parsing the query request parameter, the process does not properly validate a user-supplied string before using it to construct SQL queries.

• http://seclists.org/fulldisclosure/2017/Sep/14 http://www.securityfocus.com/bid/100683
• CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVSS: 7.8 | EPSS: 0% | CPEs: 1 | EXPL: 0

An unquoted service path vulnerability was identified in the driver for the ElanTech Touchpad, various versions, used on some Lenovo brand notebooks (not ThinkPads). This could allow an attacker with local privileges to execute code with administrative privileges.

• https://support.lenovo.com/us/en/product_security/LEN-14390
• CWE-428: Unquoted Search Path or Element

CVSS: 4.8 | EPSS: 0% | CPEs: 1 | EXPL: 0

In EMC RSA Authentication Manager 8.2 SP1 and earlier, a malicious RSA Security Console Administrator could craft a token profile and store the profile name in the RSA Authentication Manager database. The profile name could include a crafted script (with an XSS payload) that could be executed when viewing or editing the assigned token profile in the token by another administrator's browser session.

• http://seclists.org/fulldisclosure/2017/Jul/25 http://www.securityfocus.com/bid/99572 http://www.securitytracker.com/id/1038878
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 7.2 | EPSS: 0% | CPEs: 37 | EXPL: 0

The EMC RSA Identity Governance and Lifecycle, RSA Via Lifecycle and Governance and RSA IMG products (RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2, all patch levels; RSA Via Lifecycle and Governance version 7.0, all patch levels; RSA Identity Management and Governance (RSA IMG) versions 6.9.1, all patch levels) allow an application administrator to upload arbitrary files that may potentially contain malicious code. The malicious file could then be executed on the affected system with the privileges of the user the application is running under.

• http://seclists.org/fulldisclosure/2017/Jul/24 http://www.securityfocus.com/bid/99591 http://www.securitytracker.com/id/1038877
• CWE-20: Improper Input Validation