CVE-2016-6650
https://notcve.org/view.php?id=CVE-2016-6650
EMC RecoverPoint versions prior to 5.0 and EMC RecoverPoint for Virtual Machines versions prior to 5.0 have an SSL Stripping Vulnerability that may potentially be exploited by malicious users to compromise the affected system. EMC RecoverPoint en versiones anteriores a 5.0 y EMC RecoverPoint para versiones de maquinas virtuales en versiones anteriores 5.0 tienen una vulnerabilidad SSL Stripping que puede ser explotada potencialmente por usuarios maliciosos para comprometer el sistema afectado. • http://www.securityfocus.com/archive/1/540303/30/0/threaded http://www.securityfocus.com/bid/96156 http://www.securitytracker.com/id/1038066 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2015-4526
https://notcve.org/view.php?id=CVE-2015-4526
EMC RecoverPoint for Virtual Machines (VMs) 4.2 allows local users to obtain root-shell access by bypassing the Installation Manager Boxmgmt CLI interface. La versión 4.2 de EMC RecoverPoint for Virtual Machines (VMs) permite a usuarios locales obtener acceso Root en la consola sin pasar por la interfaz CLI Boxmgmt Installation Manager. • http://seclists.org/bugtraq/2015/Jul/59 http://www.securitytracker.com/id/1032853 • CWE-284: Improper Access Control •