emc secure remote services 3.02 vulnerabilities and exploits

(subscribe to this query)

4

CVSSv2

Directory traversal vulnerability in the API in EMC Secure Remote Services Virtual Edition 3.x prior to 3.10 allows remote authenticated users to read log files via a crafted parameter.

Emc Secure Remote Services 3.03 Emc Secure Remote Services 3.0 Emc Secure Remote Services 3.02

5.8

CVSSv2

EMC Secure Remote Services Virtual Edition (ESRS VE) 3.x prior to 3.06 does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.

Emc Secure Remote Services 3.03 Emc Secure Remote Services 3.04 Emc Secure Remote Services 3.02

9.3

CVSSv2

EMC Secure Remote Services Virtual Edition (ESRS VE) 3.x prior to 3.06 does not properly generate random values for session cookies, which makes it easier for remote malicious users to hijack sessions by predicting a value.

Emc Secure Remote Services 3.03 Emc Secure Remote Services 3.04 Emc Secure Remote Services 3.02

7.5

CVSSv2

SQL injection vulnerability in the Gateway Provisioning service in EMC Secure Remote Services Virtual Edition (ESRS VE) 3.02 and 3.03 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.

Emc Secure Remote Services 3.02 Emc Secure Remote Services 3.03

7.5

CVSSv2

The Gateway Provisioning service in EMC Secure Remote Services Virtual Edition (ESRS VE) 3.02 and 3.03 allows remote malicious users to execute arbitrary OS commands via unspecified vectors.

Emc Secure Remote Services 3.02 Emc Secure Remote Services 3.03

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook