Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Emc Subscribe
Filtered by product Cloud Tiering Appliance
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2012-2285 1 Emc 2 Cloud Tiering Appliance, Cloud Tiering Appliance Virtual Edition 2017-08-28 6.8 MEDIUM N/A
EMC Cloud Tiering Appliance (aka CTA, formerly FMA) 9.0 and earlier, and Cloud Tiering Appliance Virtual Edition (CTA/VE) 9.0 and earlier, allows remote attackers to obtain GUI administrative access by sending a crafted file during the authentication phase.
CVE-2014-0645 1 Emc 4 Cloud Tiering Appliance, Cloud Tiering Appliance Software, File Management Appliance and 1 more 2014-04-17 4.7 MEDIUM N/A
EMC Cloud Tiering Appliance (CTA) 9.x through 10 SP1 and File Management Appliance (FMA) 7.x store DES password hashes for the root, super, and admin accounts, which makes it easier for context-dependent attackers to obtain sensitive information via a brute-force attack.
CVE-2014-0644 1 Emc 2 Cloud Tiering Appliance, Cloud Tiering Appliance Software 2014-04-17 7.8 HIGH N/A
EMC Cloud Tiering Appliance (CTA) 10 through SP1 allows remote attackers to read arbitrary files via an api/login request containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, as demonstrated by reading the /etc/shadow file.