CVSS: 9.8EPSS: 1%CPEs: 27EXPL: 0CVE-2018-1183
https://notcve.org/view.php?id=CVE-2018-1183
30 Apr 2018 — In Dell EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.8, Dell EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.8, Dell EMC VASA Provider Virtual Appliance versions prior to 8.4.0.512, Dell EMC SMIS versions prior to 8.4.0.6, Dell EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4.0.347, Dell EMC VNX2 Operating Environment (OE) for File versions prior to 8.1.9.231, Dell EMC VNX2 Operating Environment (OE) for Block versions prior to 05.33.009.5.23... • http://seclists.org/fulldisclosure/2018/Apr/61 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 9.0EPSS: 1%CPEs: 4EXPL: 0CVE-2017-8007 – Dell EMC VNX Monitoring and Reporting Scheduler Directory Traversal Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-8007
20 Sep 2017 — In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R (Watch4Net) for SAS Solution Packs, the Webservice Gateway is affected by a directory traversal vulnerability. Attackers with knowledge of Webservice Gateway credentials could potentially exploit this vulnerability to access unauthorized information, and modify or delete data, by supplying specially crafted strings in input parameters of the web service call. En EMC ViPR SRM, Storage MR, VNX MR y MR (Watch4Net) para SAS Solution Packs, la puerta de enlace del s... • http://seclists.org/fulldisclosure/2017/Sep/51 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.4EPSS: 0%CPEs: 4EXPL: 0CVE-2017-8012 – Dell EMC VNX Monitoring and Reporting RMI Registry Deserialization of Untrusted Data Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2017-8012
20 Sep 2017 — In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R (Watch4Net) for SAS Solution Packs, the Java Management Extensions (JMX) protocol used to communicate between components in the Alerting and/or Compliance components can be leveraged to create a denial of service (DoS) condition. Attackers with knowledge of JMX agent user credentials could potentially exploit this vulnerability to create arbitrary files on the affected system and create a DoS condition by leveraging inherent JMX protocol capabilities. En EMC Vi... • http://seclists.org/fulldisclosure/2017/Sep/51 •
CVSS: 10.0EPSS: 15%CPEs: 4EXPL: 0CVE-2017-8011 – Dell EMC VNX Monitoring and Reporting Scheduler Static Credentials Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-8011
12 Jul 2017 — EMC ViPR SRM, EMC Storage M&R, EMC VNX M&R, EMC M&R for SAS Solution Packs (EMC ViPR SRM prior to 4.1, EMC Storage M&R prior to 4.1, EMC VNX M&R all versions, EMC M&R (Watch4Net) for SAS Solution Packs all versions) contain undocumented accounts with default passwords for Webservice Gateway and RMI JMX components. A remote attacker with the knowledge of the default password may potentially use these accounts to run arbitrary web service and remote procedure calls on the affected system. EMC ViPR SRM, EMC St... • http://seclists.org/fulldisclosure/2017/Jul/21 • CWE-798: Use of Hard-coded Credentials •