CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2017-2768
https://notcve.org/view.php?id=CVE-2017-2768
EMC Network Configuration Manager (NCM) 9.3.x, EMC Network Configuration Manager (NCM) 9.4.0.x, EMC Network Configuration Manager (NCM) 9.4.1.x, EMC Network Configuration Manager (NCM) 9.4.2.x contains an Improper Authentication vulnerability that could potentially be exploited by malicious users to compromise the affected system. EMC Network Configuration Manager (NCM) 9.3.x, EMC Network Configuration Manager (NCM) 9.4.0.x, EMC Network Configuration Manager (NCM) 9.4.1.x, EMC Network Configuration Manager (NCM) 9.4.2.x contiene Una vulnerabilidad de autenticación incorrecta que podría ser explotada potencialmente por usuarios malintencionados para comprometer el sistema afectado. • http://www.securityfocus.com/archive/1/540085/30/0/threaded http://www.securityfocus.com/bid/95936 http://www.securitytracker.com/id/1037761 • CWE-287: Improper Authentication •
CVSS: 10.0EPSS: 4%CPEs: 4EXPL: 0CVE-2017-2767
https://notcve.org/view.php?id=CVE-2017-2767
EMC Network Configuration Manager (NCM) 9.3.x, EMC Network Configuration Manager (NCM) 9.4.0.x, EMC Network Configuration Manager (NCM) 9.4.1.x, EMC Network Configuration Manager (NCM) 9.4.2.x contains a Java RMI Remote Code Execution vulnerability that could potentially be exploited by malicious users to compromise the affected system. EMC Network Configuration Manager (NCM) 9.4.x, EMC Network Configuration Manager (NCM) 9.4.0.x, EMC Network Configuration Manager (NCM) 9.4.1.x, EMC Network Configuration Manager (NCM) 9.4.2.x contiene una vulnerabilidad de Java RMI Remote Code Execution que podría ser explotada potencialmente por usuarios malintencionados para comprometer el sistema afectado. • http://www.securityfocus.com/archive/1/540085/30/0/threaded http://www.securityfocus.com/bid/95938 http://www.securitytracker.com/id/1037761 • CWE-287: Improper Authentication •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2017-2766
https://notcve.org/view.php?id=CVE-2017-2766
EMC Documentum eRoom version 7.4.4, EMC Documentum eRoom version 7.4.4 SP1, EMC Documentum eRoom version prior to 7.4.5 P04, EMC Documentum eRoom version prior to 7.5.0 P01 includes an unverified password change vulnerability that could potentially be exploited by malicious users to compromise the affected system. EMC Documentum eRoom versión 7.4.4, EMC Documentum eRoom versión 7.4.4 SP1, EMC Documentum eRoom versión anterior a 7.4.5 P04, EMC Documentum eRoom versión anterior a 7.5.0 P01 incluye una vulnerabilidad no verificada de cambio de contraseña que podría ser explotada por usuarios malintencionados para comprometer el sistema afectado. • http://www.securityfocus.com/archive/1/540077/30/0/threaded http://www.securityfocus.com/bid/95893 • CWE-640: Weak Password Recovery Mechanism for Forgotten Password •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2016-9872
https://notcve.org/view.php?id=CVE-2016-9872
EMC Documentum D2 version 4.5 and EMC Documentum D2 version 4.6 has Reflected Cross-Site Scripting Vulnerabilities that could potentially be exploited by malicious users to compromise the affected system. EMC Documentum D2 versión 4.5 y EMC Documentum D2 versión 4.6 han reflejado vulnerabilidades de XSS que potencialmente podrían ser explotadas por usuarios malintencionados para comprometer el sistema afectado. • http://www.securityfocus.com/archive/1/540060/30/0/threaded http://www.securityfocus.com/bid/95824 http://www.securitytracker.com/id/1037733 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2016-9873
https://notcve.org/view.php?id=CVE-2016-9873
EMC Documentum D2 version 4.5 and EMC Documentum D2 version 4.6 has a DQL Injection Vulnerability that could potentially be exploited by malicious users to compromise the affected system. An authenticated low-privileged attacker could potentially exploit this vulnerability to access information, modify data or disrupt services by causing execution of arbitrary DQL commands on the application. EMC Documentum D2 versión 4.5 y EMC Documentum D2 versión 4.6 tiene una Vulnerabilidad de Inyección DQL que potencialmente podría ser explotada por usuarios malintencionados para comprometer el sistema afectado. Un atacante autenticado con pocos privilegios podría explotar potencialmente esta vulnerabilidad para acceder a información, modificar datos o interrumpir los servicios provocando la ejecución de comandos DQL arbitrarios en la aplicación. • http://www.securityfocus.com/archive/1/540060/30/0/threaded http://www.securityfocus.com/bid/95828 http://www.securitytracker.com/id/1037733 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •