An HTTP servlet in vApp Manager in EMC Unisphere for VMAX Virtual Appliance before 8.2.0 allows remote attackers to write to arbitrary files via a crafted pathname.
oryginał ENCVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HDell Emc Unisphere
APPDell≤ 8.1
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Powiązane podatności
CVE-2018-1183CRITICAL9.8ten sam produkt
In Dell EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.8, Dell EMC Solutions Enabler Virtual...
CVE-2017-14375CRITICAL9.8ten sam produkt
EMC Unisphere for VMAX Virtual Appliance (vApp) versions prior to 8.4.0.15, EMC Solutions Enabler Virtual Appl...
CVE-2016-6646CRITICAL9.8ten sam produkt
The vApp Managers web application in EMC Unisphere for VMAX Virtual Appliance 8.x before 8.3.0 and Solutions E...
CVE-2016-6645HIGH8.8ten sam produkt
The vApp Managers web application in EMC Unisphere for VMAX Virtual Appliance 8.x before 8.3.0 and Solutions E...
CVE-2013-3287LOW1.9ten sam produkt
EMC Unisphere for VMAX before 1.6.1.6, when using an unspecified level of debug logging in LDAP configurations...