10

CVE-2017-2768

EPSS 2.71%
Veröffentlicht 03.02.2017 07:59:00
Zuletzt bearbeitet 20.04.2025 01:37:25
Quelle security_alert@emc.com
Teams Watchlist Login
Unerledigt Login

EMC Network Configuration Manager (NCM) 9.3.x, EMC Network Configuration Manager (NCM) 9.4.0.x, EMC Network Configuration Manager (NCM) 9.4.1.x, EMC Network Configuration Manager (NCM) 9.4.2.x contains an Improper Authentication vulnerability that could potentially be exploited by malicious users to compromise the affected system.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Emc ≫ Smarts Network Configuration Manager Version9.3

Emc ≫ Smarts Network Configuration Manager Version9.4

Emc ≫ Smarts Network Configuration Manager Version9.4.1

Emc ≫ Smarts Network Configuration Manager Version9.4.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	2.71%	0.846

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C

CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

http://www.securityfocus.com/archive/1/540085/30/0/threaded

Third Party Advisory

VDB Entry

Mailing List

http://www.securitytracker.com/id/1037761

http://www.securityfocus.com/bid/95936

Third Party Advisory

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2017-2768

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2017-2768

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2017-2768

EUVD