HIGH🇬🇧 English

CVE-2016-6645

CVSS 8.8v3.0pub. 2016-10-05upd. 2026-05-06

The vApp Managers web application in EMC Unisphere for VMAX Virtual Appliance 8.x before 8.3.0 and Solutions Enabler Virtual Appliance 8.x before 8.3.0 allows remote authenticated users to execute arbitrary code via crafted input to the (1) GeneralCmdRequest, (2) PersistantDataRequest, or (3) GetCommandExecRequest class.

oryginał EN
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Dell Emc Unisphere

    APP
    Dell
    8.08.18.1.28.2
  • Emc Solutions Enabler

    APP
    Emc
    8.08.0.38.18.1.28.2
  • Emc Unisphere

    APP
    Emc
    8.0.3
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCE
CWE
Referencje

Powiązane podatności

CVE-2018-1183CRITICAL9.8ten sam produkt

In Dell EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.8, Dell EMC Solutions Enabler Virtual...

CVE-2017-14375CRITICAL9.8ten sam produkt

EMC Unisphere for VMAX Virtual Appliance (vApp) versions prior to 8.4.0.15, EMC Solutions Enabler Virtual Appl...

CVE-2016-6646CRITICAL9.8ten sam produkt

The vApp Managers web application in EMC Unisphere for VMAX Virtual Appliance 8.x before 8.3.0 and Solutions E...

CVE-2016-0889CRITICAL9.8ten sam produkt

An HTTP servlet in vApp Manager in EMC Unisphere for VMAX Virtual Appliance before 8.2.0 allows remote attacke...

CVE-2015-0545HIGH10.0ten sam produkt

EMC Unisphere for VMAX 8.x before 8.0.3.4 sets up the Java Debugging Wire Protocol (JDWP) service, which allow...