Dell Emc Unisphere vulnerabilities

6 known vulnerabilities affecting dell/emc_unisphere.

Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL4HIGH1LOW1

Vulnerabilities

Page 1 of 1
CVE-2018-1183CRITICALCVSS 9.8fixed in 8.4.0.82018-04-30
CVE-2018-1183 [CRITICAL] CWE-611 CVE-2018-1183: In Dell EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.8, Dell EMC Solutions Enabl In Dell EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.8, Dell EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.8, Dell EMC VASA Provider Virtual Appliance versions prior to 8.4.0.512, Dell EMC SMIS versions prior to 8.4.0.6, Dell EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4.0.347, D
nvd
CVE-2017-14375CRITICALCVSS 9.8fixed in 8.4.0.152017-11-01
CVE-2017-14375 [CRITICAL] CWE-290 CVE-2017-14375: EMC Unisphere for VMAX Virtual Appliance (vApp) versions prior to 8.4.0.15, EMC Solutions Enabler Vi EMC Unisphere for VMAX Virtual Appliance (vApp) versions prior to 8.4.0.15, EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.15, EMC VASA Virtual Appliance versions prior to 8.4.0.512, and EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4 (Enginuity Release 5977.1125.1125 and earlier) contain an authenti
nvd
CVE-2016-6646CRITICALCVSS 9.8v8.0v8.1+2 more2016-10-05
CVE-2016-6646 [CRITICAL] CWE-20 CVE-2016-6646: The vApp Managers web application in EMC Unisphere for VMAX Virtual Appliance 8.x before 8.3.0 and S The vApp Managers web application in EMC Unisphere for VMAX Virtual Appliance 8.x before 8.3.0 and Solutions Enabler Virtual Appliance 8.x before 8.3.0 allows remote attackers to execute arbitrary code via crafted input to the (1) GetSymmCmdRequest or (2) RemoteServiceHandler class.
nvd
CVE-2016-6645HIGHCVSS 8.8v8.0v8.1+2 more2016-10-05
CVE-2016-6645 [HIGH] CWE-20 CVE-2016-6645: The vApp Managers web application in EMC Unisphere for VMAX Virtual Appliance 8.x before 8.3.0 and S The vApp Managers web application in EMC Unisphere for VMAX Virtual Appliance 8.x before 8.3.0 and Solutions Enabler Virtual Appliance 8.x before 8.3.0 allows remote authenticated users to execute arbitrary code via crafted input to the (1) GeneralCmdRequest, (2) PersistantDataRequest, or (3) GetCommandExecRequest class.
nvd
CVE-2016-0889CRITICALCVSS 9.8≤ 8.12016-04-15
CVE-2016-0889 [CRITICAL] CWE-20 CVE-2016-0889: An HTTP servlet in vApp Manager in EMC Unisphere for VMAX Virtual Appliance before 8.2.0 allows remo An HTTP servlet in vApp Manager in EMC Unisphere for VMAX Virtual Appliance before 8.2.0 allows remote attackers to write to arbitrary files via a crafted pathname.
nvd
CVE-2013-3287LOWCVSS 1.9≤ 1.6v1.0+2 more2013-11-02
CVE-2013-3287 [LOW] CWE-310 CVE-2013-3287: EMC Unisphere for VMAX before 1.6.1.6, when using an unspecified level of debug logging in LDAP conf EMC Unisphere for VMAX before 1.6.1.6, when using an unspecified level of debug logging in LDAP configurations, allows local users to discover the cleartext LDAP bind password by reading the console.
nvd