CVE-2017-8012 — Dell EMC Vipr SRM vulnerability

4 documents4 sources

Severity

7.4HIGHNVD

EPSS

0.7%

top 28.19%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Dell EMC Vipr SRM

Timeline

PublishedSep 22

Latest updateMay 13

Description

In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R (Watch4Net) for SAS Solution Packs, the Java Management Extensions (JMX) protocol used to communicate between components in the Alerting and/or Compliance components can be leveraged to create a denial of service (DoS) condition. Attackers with knowledge of JMX agent user credentials could potentially exploit this vulnerability to create arbitrary files on the affected system and create a DoS condition by leveraging inherent JMX protocol capabilitie…

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:HExploitability: 2.2 | Impact: 5.2

Affected Packages1 packages

▶NVDdell/emc_vipr_srm4.0.2

🔴Vulnerability Details

GHSA

GHSA-rg2r-4fr3-6jvr: In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R (Watch4Net) for SAS Solution Packs, the Java Management Extensions (JMX) protocol used to communicate b↗2022-05-13

▶

OSV

zookeeper vulnerabilities↗2021-03-15

▶

CVEList

CVE-2017-8012: In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R (Watch4Net) for SAS Solution Packs, the Java Management Extensions (JMX) protocol used to communicate b↗2017-09-22

▶