VYPR

Networker

by EMC Corporation

Source repositories

CVEs (31)

  • CVE-2016-0916CriJun 10, 2016
    risk 0.64cvss 9.8epss 0.08

    EMC NetWorker 8.2.1.x and 8.2.2.x before 8.2.2.6 and 9.x before 9.0.0.6 mishandles authentication, which allows remote attackers to execute arbitrary commands by leveraging access to a different NetWorker instance.

  • CVE-2018-11050HigAug 1, 2018
    risk 0.57cvss 8.8epss 0.01

    Dell EMC NetWorker versions between 9.0 and 9.1.1.8 through 9.2.1.3, and the version 18.1.0.1 contain a Clear-Text authentication over network vulnerability in the Rabbit MQ Advanced Message Queuing Protocol (AMQP) component. User credentials are sent unencrypted to the remote…

  • CVE-2018-1218HigMar 19, 2018
    risk 0.53cvss 7.5epss 0.14

    In Dell EMC NetWorker versions prior to 9.2.1.1, versions prior to 9.1.1.6, 9.0.x, and versions prior to 8.2.4.11, the 'nsrd' daemon causes a buffer overflow condition when handling certain messages. A remote unauthenticated attacker could potentially exploit this vulnerability…

  • CVE-2017-8022HigOct 18, 2017
    risk 0.53cvss 8.1epss 0.03

    An issue was discovered in EMC NetWorker (prior to 8.2.4.9, all supported 9.0.x versions, prior to 9.1.1.3, prior to 9.2.0.4). The Server service (nsrd) is affected by a buffer overflow vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability…

  • CVE-2012-2288Sep 4, 2012
    risk 0.06cvss epss 0.33

    Format string vulnerability in the nsrd RPC service in EMC NetWorker 7.6.3 and 7.6.4 before 7.6.4.1, and 8.0 before 8.0.0.1, allows remote attackers to execute arbitrary code via format string specifiers in a message.

  • CVE-2009-2754Mar 5, 2010
    risk 0.06cvss epss 0.40

    Integer signedness error in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper service (aka portmap.exe), as used in IBM Informix Dynamic Server (IDS) 10.x before 10.00.TC9 and 11.x before 11.10.TC3 and EMC Legato NetWorker, allows…

  • CVE-2017-8023Apr 1, 2019
    risk 0.01cvss epss 0.06

    EMC NetWorker may potentially be vulnerable to an unauthenticated remote code execution vulnerability in the Networker Client execution service (nsrexecd) when oldauth authentication method is used. An unauthenticated remote attacker could send arbitrary commands via RPC service…

  • CVE-2007-3618Aug 21, 2007
    risk 0.01cvss epss 0.07

    Stack-based buffer overflow in the NetWorker Remote Exec Service (nsrexecd.exe) in EMC Software NetWorker 7.x.x allows remote attackers to execute arbitrary code via a (1) poll or (2) kill request with a "long invalid subcmd."

  • CVE-2024-22432Jan 25, 2024
    risk 0.00cvss epss 0.00

    Networker 19.9 and all prior versions contains a Plain-text Password stored in temporary config file during backup duration in NMDA MySQL Database backups. User has low privilege access to Networker Client system could potentially exploit this vulnerability, leading to the…

  • CVE-2020-28349Nov 9, 2020
    risk 0.00cvss epss 0.02

    An inaccurate frame deduplication process in ChirpStack Network Server 3.9.0 allows a malicious gateway to perform uplink Denial of Service via malformed frequency attributes in CollectAndCallOnceCollect in internal/uplink/collect.go. NOTE: the vendor's position is that there…

  • CVE-2020-26183Oct 16, 2020
    risk 0.00cvss epss 0.01

    Dell EMC NetWorker versions prior to 19.3.0.2 contain an improper authorization vulnerability. Certain remote users with low privileges may exploit this vulnerability to perform 'nsrmmdbd' operations in an unintended manner.

  • CVE-2015-6849Dec 5, 2015
    risk 0.00cvss epss 0.02

    EMC NetWorker before 8.0.4.5, 8.1.x before 8.1.3.6, 8.2.x before 8.2.2.2, and 9.0 before build 407 allows remote attackers to cause a denial of service (process outage) via malformed RPC authentication messages.

  • CVE-2015-0530Apr 17, 2015
    risk 0.00cvss epss 0.00

    Buffer overflow in an unspecified function in nsr_render_log in EMC NetWorker before 8.0.4.3, 8.1.x before 8.1.2.6, and 8.2.x before 8.2.1.2 allows local users to gain privileges via unknown vectors.

  • CVE-2014-4620Oct 25, 2014
    risk 0.00cvss epss 0.01

    The EMC NetWorker Module for MEDITECH (aka NMMEDI) 3.0 build 87 through 90, when EMC RecoverPoint and Plink are used, stores cleartext RecoverPoint Appliance credentials in nsrmedisv.raw log files, which allows local users to obtain sensitive information by reading these files.

  • CVE-2013-3285Nov 2, 2013
    risk 0.00cvss epss 0.01

    The NetWorker Management Console (NMC) in EMC NetWorker 8.0.x before 8.0.2.3, when using Active Directory/LDAP for authentication, allows remote authenticated users to discover cleartext administrator passwords via (1) unspecified NMC audit reports or (2) requests to RAP…

  • CVE-2013-0943Jul 31, 2013
    risk 0.00cvss epss 0.00

    EMC NetWorker 7.6.x and 8.x before 8.1 allows local users to obtain sensitive configuration information by leveraging operating-system privileges to perform decryption with nsradmin.

  • CVE-2013-0940May 3, 2013
    risk 0.00cvss epss 0.00

    The nsrpush process in the client in EMC NetWorker before 7.6.5.3 and 8.x before 8.0.1.4 sets weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors.

  • CVE-2012-4607Jan 17, 2013
    risk 0.00cvss epss 0.03

    Buffer overflow in nsrindexd in EMC NetWorker 7.5.x and 7.6.x before 7.6.5, and 8.x before 8.0.0.6, allows remote attackers to execute arbitrary code via crafted SunRPC data.

  • CVE-2012-0395Jan 27, 2012
    risk 0.00cvss epss 0.03

    Buffer overflow in the server in EMC NetWorker 7.5.x and 7.6.x before 7.6.3 SP1 Cumulative Release build 851 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via unspecified vectors.

  • CVE-2011-1421Apr 22, 2011
    risk 0.00cvss epss 0.00

    EMC NetWorker 7.5.x before 7.5.4.3 and 7.6.x before 7.6.1.5, when the client push feature is enabled, uses weak permissions for an unspecified file, which allows local users to gain privileges via unknown vectors.

Page 1 of 2