High severity8.8NVD Advisory· Published Sep 22, 2017· Updated May 13, 2026

CVE-2017-8007

Description

In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R (Watch4Net) for SAS Solution Packs, the Webservice Gateway is affected by a directory traversal vulnerability. Attackers with knowledge of Webservice Gateway credentials could potentially exploit this vulnerability to access unauthorized information, and modify or delete data, by supplying specially crafted strings in input parameters of the web service call.

Affected products

Dell/Emc M\&r
cpe:2.3:a:dell:emc_m\&r:*:*:*:*:*:*:*:*
Dell/Emc Storage Monitoring And Reporting
cpe:2.3:a:dell:emc_storage_monitoring_and_reporting:*:*:*:*:*:*:*:*
Dell/Emc Vipr Srm
cpe:2.3:a:dell:emc_vipr_srm:*:*:*:*:*:*:*:*
Range: <=4.0.2
Dell/Emc Vnx Monitoring And Reporting
cpe:2.3:a:dell:emc_vnx_monitoring_and_reporting:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

seclists.org/fulldisclosure/2017/Sep/51nvdMailing ListThird Party Advisory
www.securityfocus.com/bid/100957nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1039417nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1039418nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.572
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000