CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2017-8017 – EMC Network Configuration Manager 9.x Cross Site Scripting
https://notcve.org/view.php?id=CVE-2017-8017
06 Oct 2017 — EMC Network Configuration Manager (NCM) 9.3.x, 9.4.0.x, 9.4.1.x, and 9.4.2.x is affected by a reflected cross-site scripting Vulnerability that could potentially be exploited by malicious users to compromise the affected system. EMC Network Configuration Manager (NCM) 9.3.x, 9.4.0.x, 9.4.1.x y 9.4.2.x se ve afectado por una vulnerabilidad de Cross-Site Scripting (XSS) reflejado que podría ser explotada por usuarios maliciosos para comprometer el sistema afectado. EMC Network Configuration Manager (NCM) is a... • http://seclists.org/fulldisclosure/2017/Oct/11 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 10%CPEs: 4EXPL: 0CVE-2017-2767 – EMC Network Configuration Manager (NCM) 9.x Code Execution
https://notcve.org/view.php?id=CVE-2017-2767
02 Feb 2017 — EMC Network Configuration Manager (NCM) 9.3.x, EMC Network Configuration Manager (NCM) 9.4.0.x, EMC Network Configuration Manager (NCM) 9.4.1.x, EMC Network Configuration Manager (NCM) 9.4.2.x contains a Java RMI Remote Code Execution vulnerability that could potentially be exploited by malicious users to compromise the affected system. EMC Network Configuration Manager (NCM) 9.4.x, EMC Network Configuration Manager (NCM) 9.4.0.x, EMC Network Configuration Manager (NCM) 9.4.1.x, EMC Network Configuration Ma... • http://www.securityfocus.com/archive/1/540085/30/0/threaded • CWE-287: Improper Authentication •
CVSS: 10.0EPSS: 2%CPEs: 4EXPL: 0CVE-2017-2768 – EMC Network Configuration Manager (NCM) 9.x Code Execution
https://notcve.org/view.php?id=CVE-2017-2768
02 Feb 2017 — EMC Network Configuration Manager (NCM) 9.3.x, EMC Network Configuration Manager (NCM) 9.4.0.x, EMC Network Configuration Manager (NCM) 9.4.1.x, EMC Network Configuration Manager (NCM) 9.4.2.x contains an Improper Authentication vulnerability that could potentially be exploited by malicious users to compromise the affected system. EMC Network Configuration Manager (NCM) 9.3.x, EMC Network Configuration Manager (NCM) 9.4.0.x, EMC Network Configuration Manager (NCM) 9.4.1.x, EMC Network Configuration Manager ... • http://www.securityfocus.com/archive/1/540085/30/0/threaded • CWE-287: Improper Authentication •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2014-2509 – EMC Network Configuration Manager (NCM) Session Fixation
https://notcve.org/view.php?id=CVE-2014-2509
01 Jul 2014 — Session fixation vulnerability in the Report Advisor (RA) component in EMC Network Configuration Manager (NCM) before 9.3 allows remote attackers to hijack web sessions via a session cookie. Vulnerabilidad de fijación de sesión en el componente Report Advisor (RA) en EMC Network Configuration Manager (NCM) anterior a 9.3 permite a atacantes remotos secuestrar sesiones de web a través de una cookie de sesión. EMC NCM versions prior to 9.3 are vulnerable to session fixation vulnerability that can be potential... • http://archives.neohapsis.com/archives/bugtraq/2014-06/0168.html •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2013-2717
https://notcve.org/view.php?id=CVE-2013-2717
28 Mar 2013 — Multiple unspecified vulnerabilities in the System Management (aka SysAdmin) Console in EMC Smarts Network Configuration Manager (NCM) through 9.2 have unknown impact and attack vectors, a different issue than CVE-2013-0935. NOTE: this might overlap CVEs for open-source server components or other third-party components. Múltiples vulnerabilidades sin especificar en el System Management (también conocido como SysAdmin) Console en EMC Smarts Network Configuration Manager (NCM) hasta v9.2 tienen un impacto des... • http://archives.neohapsis.com/archives/bugtraq/2013-03/0135.html •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2013-0935 – EMC Smarts NCM Improper Authentication
https://notcve.org/view.php?id=CVE-2013-0935
27 Mar 2013 — EMC Smarts Network Configuration Manager (NCM) before 9.2 does not require authentication for all Java RMI method calls, which allows remote attackers to execute arbitrary code via unspecified vectors. EMC Smarts Network Configuration Manager (NCM) anterior v9.2 no requiere autenticación para todo los métodos de llamada Java RMI, que permite ataques remotos ejecutando código arbitrario a través de vectores sin especificar. EMC Smarts Network Configuration Manager (NCM) version 9.2 contains fix for a vulnera... • http://archives.neohapsis.com/archives/bugtraq/2013-03/0135.html • CWE-287: Improper Authentication •