Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Dell Subscribe
Filtered by product Emc Storage Monitoring And Reporting
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-8012 1 Dell 4 Emc M\&r, Emc Storage Monitoring And Reporting, Emc Vipr Srm and 1 more 2021-09-13 5.8 MEDIUM 7.4 HIGH
In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R (Watch4Net) for SAS Solution Packs, the Java Management Extensions (JMX) protocol used to communicate between components in the Alerting and/or Compliance components can be leveraged to create a denial of service (DoS) condition. Attackers with knowledge of JMX agent user credentials could potentially exploit this vulnerability to create arbitrary files on the affected system and create a DoS condition by leveraging inherent JMX protocol capabilities.
CVE-2017-8007 1 Dell 4 Emc M\&r, Emc Storage Monitoring And Reporting, Emc Vipr Srm and 1 more 2021-09-13 6.5 MEDIUM 8.8 HIGH
In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R (Watch4Net) for SAS Solution Packs, the Webservice Gateway is affected by a directory traversal vulnerability. Attackers with knowledge of Webservice Gateway credentials could potentially exploit this vulnerability to access unauthorized information, and modify or delete data, by supplying specially crafted strings in input parameters of the web service call.
CVE-2017-8011 1 Dell 4 Emc M\&r, Emc Storage Monitoring And Reporting, Emc Vipr Srm and 1 more 2021-09-13 10.0 HIGH 9.8 CRITICAL
EMC ViPR SRM, EMC Storage M&R, EMC VNX M&R, EMC M&R for SAS Solution Packs (EMC ViPR SRM prior to 4.1, EMC Storage M&R prior to 4.1, EMC VNX M&R all versions, EMC M&R (Watch4Net) for SAS Solution Packs all versions) contain undocumented accounts with default passwords for Webservice Gateway and RMI JMX components. A remote attacker with the knowledge of the default password may potentially use these accounts to run arbitrary web service and remote procedure calls on the affected system.
CVE-2019-18580 1 Dell 1 Emc Storage Monitoring And Reporting 2019-12-16 10.0 HIGH 10.0 CRITICAL
Dell EMC Storage Monitoring and Reporting version 4.3.1 contains a Java RMI Deserialization of Untrusted Data vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by sending a crafted RMI request to execute arbitrary code on the target host.