cbcvebase.

Emc Smarts Network Configuration Manager vulnerabilities

6 known vulnerabilities affecting emc/smarts_network_configuration_manager.

Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL4MEDIUM2

Vulnerabilities

Page 1 of 1
CVE-2017-2767P2CRITICALCVSS 9.8v9.3v9.4+2 more2017-02-03
CVE-2017-2767 [CRITICAL] CWE-287 CVE-2017-2767: EMC Network Configuration Manager (NCM) 9.3.x, EMC Network Configuration Manager (NCM) 9.4.0.x, EMC EMC Network Configuration Manager (NCM) 9.3.x, EMC Network Configuration Manager (NCM) 9.4.0.x, EMC Network Configuration Manager (NCM) 9.4.1.x, EMC Network Configuration Manager (NCM) 9.4.2.x contains a Java RMI Remote Code Execution vulnerability that could potentially be exploited by malicious users to compromise the affected system.
nvd
CVE-2017-2768P3CRITICALCVSS 9.8v9.3v9.4+2 more2017-02-03
CVE-2017-2768 [CRITICAL] CWE-287 CVE-2017-2768: EMC Network Configuration Manager (NCM) 9.3.x, EMC Network Configuration Manager (NCM) 9.4.0.x, EMC EMC Network Configuration Manager (NCM) 9.3.x, EMC Network Configuration Manager (NCM) 9.4.0.x, EMC Network Configuration Manager (NCM) 9.4.1.x, EMC Network Configuration Manager (NCM) 9.4.2.x contains an Improper Authentication vulnerability that could potentially be exploited by malicious users to compromise the affected system.
nvd
CVE-2013-0935P3CRITICALCVSS 9.3≤ 9.12013-03-28
CVE-2013-0935 [CRITICAL] CWE-287 CVE-2013-0935: EMC Smarts Network Configuration Manager (NCM) before 9.2 does not require authentication for all Ja EMC Smarts Network Configuration Manager (NCM) before 9.2 does not require authentication for all Java RMI method calls, which allows remote attackers to execute arbitrary code via unspecified vectors.
nvd
CVE-2013-2717P3CRITICALCVSS 9.3≤ 9.2v9.12013-03-28
CVE-2013-2717 [CRITICAL] CVE-2013-2717: Multiple unspecified vulnerabilities in the System Management (aka SysAdmin) Console in EMC Smarts N Multiple unspecified vulnerabilities in the System Management (aka SysAdmin) Console in EMC Smarts Network Configuration Manager (NCM) through 9.2 have unknown impact and attack vectors, a different issue than CVE-2013-0935. NOTE: this might overlap CVEs for open-source server components or other third-party components.
nvd
CVE-2017-8017P4MEDIUMCVSS 6.1v9.3v9.4+2 more2017-10-11
CVE-2017-8017 [MEDIUM] CWE-79 CVE-2017-8017: EMC Network Configuration Manager (NCM) 9.3.x, 9.4.0.x, 9.4.1.x, and 9.4.2.x is affected by a reflec EMC Network Configuration Manager (NCM) 9.3.x, 9.4.0.x, 9.4.1.x, and 9.4.2.x is affected by a reflected cross-site scripting Vulnerability that could potentially be exploited by malicious users to compromise the affected system.
nvd
CVE-2014-2509P4MEDIUMCVSS 5.4≤ 9.2v9.12014-07-01
CVE-2014-2509 [MEDIUM] CVE-2014-2509: Session fixation vulnerability in the Report Advisor (RA) component in EMC Network Configuration Man Session fixation vulnerability in the Report Advisor (RA) component in EMC Network Configuration Manager (NCM) before 9.3 allows remote attackers to hijack web sessions via a session cookie.
nvd
Emc Smarts Network Configuration Manager vulnerabilities | cvebase