CVSS: 4.3EPSS: 0%CPEs: 8EXPL: 0CVE-2012-4612
https://notcve.org/view.php?id=CVE-2012-4612
Cross-site scripting (XSS) vulnerability in EMC RSA Data Protection Manager Appliance and Software Server 2.7.x and 3.x before 3.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Una vulnerabilidad de ejecución de comandos en sitios cruzados (XSS) en EMC RSA Appliance Data Protection Manager Software Server v3.x y v2.7.x antes de v3.2.1 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especificados. • http://archives.neohapsis.com/archives/bugtraq/2012-11/0050.html http://www.securityfocus.com/bid/56506 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2012-4610
https://notcve.org/view.php?id=CVE-2012-4610
EMC Avamar Client for VMware 6.1 stores the cleartext server root password on the proxy client, which might allow remote attackers to obtain sensitive information by leveraging "network access" to the proxy client. EMC Avamar Client para VMware v6.1 almacena la contraseña raiz del servidor en texto plano en el cliente proxy, lo que podría permitir a atacantes remotos, obtener información sensible mediante el aprovechamiento del "acceso a red" del cliente proxy. • http://www.securityfocus.com/archive/1/524532 http://www.securityfocus.com/bid/56317 https://exchange.xforce.ibmcloud.com/vulnerabilities/79661 • CWE-255: Credentials Management Errors •
CVSS: 2.1EPSS: 0%CPEs: 4EXPL: 0CVE-2012-2284
https://notcve.org/view.php?id=CVE-2012-2284
The (1) install and (2) upgrade processes in EMC NetWorker Module for Microsoft Applications (NMM) 2.2.1, 2.3 before build 122, and 2.4 before build 375, when Exchange Server is used, allow local users to read cleartext administrator credentials via unspecified vectors. El proceso del (1) instalación and (2) actualización en EMC NetWorker Module para Microsoft Applications (NMM) v2.2.1, v2.3 anterior al build v122, y v2.4 anterior al build v375, cuando el Exchange Server es usado, permite a usuarios locales leer las credenciales del administrador en texto plano mediante vectores desconocidos vectors. • http://archives.neohapsis.com/archives/bugtraq/2012-10/0068.html http://osvdb.org/86157 http://secunia.com/advisories/50957 http://www.securityfocus.com/bid/55883 http://www.securitytracker.com/id?1027647 • CWE-255: Credentials Management Errors •
CVSS: 9.3EPSS: 6%CPEs: 3EXPL: 0CVE-2012-2290
https://notcve.org/view.php?id=CVE-2012-2290
The client in EMC NetWorker Module for Microsoft Applications (NMM) 2.2.1, 2.3 before build 122, and 2.4 before build 375 allows remote attackers to execute arbitrary code by sending a crafted message over a TCP communication channel. El cliente de EMC NetWorker Module para Microsoft Applications (NMM) v2.2.1, v2.3 anterior al build v122, y v2.4 anterior al build 375 permite a atacantes remotos ejecutar código arbitrario mediante el envío de un mensaje elaborado por un canal de comunicación TCP. • http://archives.neohapsis.com/archives/bugtraq/2012-10/0068.html http://osvdb.org/86158 http://secunia.com/advisories/50957 http://www.securityfocus.com/bid/55883 http://www.securitytracker.com/id?1027647 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 2.9EPSS: 0%CPEs: 11EXPL: 0CVE-2012-2286
https://notcve.org/view.php?id=CVE-2012-2286
Unspecified vulnerability in EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 before SP3 P3 allows remote attackers to obtain sensitive information via unknown vectors. Vulnerabilidad no especificada en EMC RSA Adaptive Authentication On-Premise (AAOP) v6.0.2.1 antes de SP3 P3, permite a atacantes remotos obtener información sensible a través de vectores desconocidos • http://archives.neohapsis.com/archives/bugtraq/2012-10/0036.html http://www.securityfocus.com/bid/55842 •