10

CVE-2017-2768

EPSS 2.71%
Published 03.02.2017 07:59:00
Last modified 20.04.2025 01:37:25
Source security_alert@emc.com
Teams watchlist Login
Open Login

EMC Network Configuration Manager (NCM) 9.3.x, EMC Network Configuration Manager (NCM) 9.4.0.x, EMC Network Configuration Manager (NCM) 9.4.1.x, EMC Network Configuration Manager (NCM) 9.4.2.x contains an Improper Authentication vulnerability that could potentially be exploited by malicious users to compromise the affected system.

Affected products Warnungen 0 Metrics 3 CWE 1 References 6

Data is provided by the National Vulnerability Database (NVD)

Emc ≫ Smarts Network Configuration Manager Version9.3

Emc ≫ Smarts Network Configuration Manager Version9.4

Emc ≫ Smarts Network Configuration Manager Version9.4.1

Emc ≫ Smarts Network Configuration Manager Version9.4.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	2.71%	0.846

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C

CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

http://www.securityfocus.com/archive/1/540085/30/0/threaded

Third Party Advisory

VDB Entry

Mailing List

http://www.securitytracker.com/id/1037761

http://www.securityfocus.com/bid/95936

Third Party Advisory

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2017-2768

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2017-2768

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2017-2768

EUVD