10

CVE-2011-0647

The irccd.exe service in EMC Replication Manager Client before 5.3 and NetWorker Module for Microsoft Applications 2.1.x and 2.2.x allows remote attackers to execute arbitrary commands via the RunProgram function to TCP port 6542.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
EmcReplication Manager Editionclient Version <= 5.2.3
EmcReplication Manager Version2.0 Editionclient
EmcReplication Manager Version5.2 Editionclient
EmcReplication Manager Version5.2.2 Editionclient
EmcNetworker Module Version2.1 Update- Editionmicrosoft_applications
EmcNetworker Module Version2.2 Update- Editionmicrosoft_applications
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 63.68% 0.991
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://osvdb.org/70853
http://secunia.com/advisories/43164
Vendor Advisory
http://www.securityfocus.com/archive/1/516260
http://www.securityfocus.com/archive/1/516282/100/0/threaded
http://www.securityfocus.com/bid/46235
http://www.vupen.com/english/advisories/2011/0304
Vendor Advisory
http://www.zerodayinitiative.com/advisories/ZDI-11-061/
https://exchange.xforce.ibmcloud.com/vulnerabilities/65205