Unrated severityNVD Advisory· Published Apr 20, 2012· Updated Apr 29, 2026

CVE-2012-0406

Description

The DPA_Utilities.cProcessAuthenticationData function in EMC Data Protection Advisor (DPA) 5.5 through 5.8 SP1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an AUTHENTICATECONNECTION command that (1) lacks a password field or (2) has an empty password.

Affected products

EMC Corporation/Data Protection Advisor8 versions
cpe:2.3:a:emc:data_protection_advisor:5.5:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:emc:data_protection_advisor:5.5:*:*:*:*:*:*:*
- cpe:2.3:a:emc:data_protection_advisor:5.5:sp1:*:*:*:*:*:*
- cpe:2.3:a:emc:data_protection_advisor:5.6:*:*:*:*:*:*:*
- cpe:2.3:a:emc:data_protection_advisor:5.6:sp1:*:*:*:*:*:*
- cpe:2.3:a:emc:data_protection_advisor:5.7:*:*:*:*:*:*:*
- cpe:2.3:a:emc:data_protection_advisor:5.7:sp1:*:*:*:*:*:*
- cpe:2.3:a:emc:data_protection_advisor:5.8:*:*:*:*:*:*:*
- cpe:2.3:a:emc:data_protection_advisor:5.8:sp1:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.009
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000