Emc

Vipr Srm

10 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2016-6647

  • EPSS 0.18%
  • Published 30.09.2016 00:59:03
  • Last modified 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in EMC ViPR SRM before 4.0.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

6.1

CVE-2016-6643

  • EPSS 0.22%
  • Published 18.09.2016 02:59:15
  • Last modified 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in EMC ViPR SRM before 3.7.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

6.1

CVE-2016-6642

  • EPSS 0.07%
  • Published 18.09.2016 02:59:14
  • Last modified 12.04.2025 10:46:40

Cross-site request forgery (CSRF) vulnerability in EMC ViPR SRM before 3.7.2 allows remote attackers to hijack the authentication of administrators for requests that upload files.

7.6

CVE-2016-6641

  • EPSS 0.2%
  • Published 18.09.2016 02:59:13
  • Last modified 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in EMC ViPR SRM before 3.7.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

9.8

CVE-2016-0922

  • EPSS 0.53%
  • Published 18.09.2016 02:59:03
  • Last modified 12.04.2025 10:46:40

EMC ViPR SRM before 3.7.2 does not restrict the number of password-authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force guessing attack.

8.8

CVE-2016-0891

Exploit
  • EPSS 3.09%
  • Published 20.04.2016 17:59:00
  • Last modified 12.04.2025 10:46:40

Multiple cross-site request forgery (CSRF) vulnerabilities in administrative pages in EMC ViPR SRM before 3.7 allow remote attackers to hijack the authentication of administrators.

4

CVE-2015-0516

Exploit
  • EPSS 21.44%
  • Published 21.01.2015 15:17:14
  • Last modified 12.04.2025 10:46:40

Directory traversal vulnerability in EMC M&R (aka Watch4Net) before 6.5u1 and ViPR SRM before 3.6.1 allows remote authenticated users to read arbitrary files via a crafted URL.

6.5

CVE-2015-0515

  • EPSS 0.93%
  • Published 21.01.2015 15:17:13
  • Last modified 12.04.2025 10:46:40

Unrestricted file upload vulnerability in EMC M&R (aka Watch4Net) before 6.5u1 and ViPR SRM before 3.6.1 allows remote authenticated users to execute arbitrary code by uploading and then accessing an executable file.

5

CVE-2015-0514

Exploit
  • EPSS 18.29%
  • Published 21.01.2015 15:17:12
  • Last modified 12.04.2025 10:46:40

EMC M&R (aka Watch4Net) before 6.5u1 and ViPR SRM before 3.6.1 might allow remote attackers to obtain cleartext data-center discovery credentials by leveraging certain SRM access to conduct a decryption attack.

3.5

CVE-2015-0513

  • EPSS 0.18%
  • Published 21.01.2015 15:17:11
  • Last modified 12.04.2025 10:46:40

Multiple cross-site scripting (XSS) vulnerabilities in the administrative user interface in EMC M&R (aka Watch4Net) before 6.5u1 and ViPR SRM before 3.6.1 allow remote authenticated users to inject arbitrary web script or HTML by leveraging privilege...