Appsync
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-8015 | Cri | 0.64 | 9.8 | 0.02 | Sep 12, 2017 | EMC AppSync (all versions prior to 3.5) contains a SQL injection vulnerability that could potentially be exploited by malicious users to compromise the affected system. | ||
| CVE-2017-14376 | Hig | 0.51 | 7.8 | 0.00 | Nov 1, 2017 | EMC AppSync Server prior to 3.5.0.1 contains database accounts with hardcoded passwords that could potentially be exploited by malicious users to compromise the affected system. | ||
| CVE-2017-8018 | Hig | 0.49 | 7.5 | 0.01 | Oct 3, 2017 | EMC AppSync host plug-in versions 3.5 and below (Windows platform only) includes a denial of service (DoS) vulnerability that could potentially be exploited by malicious users to compromise the affected system. | ||
| CVE-2014-4634 | 0.00 | — | 0.00 | Dec 30, 2014 | Unquoted Windows search path vulnerability in EMC Replication Manager through 5.5.2 and AppSync before 2.1.0 allows local users to gain privileges via a Trojan horse application with a name composed of an initial substring of a path that contains a space character. |
- risk 0.64cvss 9.8epss 0.02
EMC AppSync (all versions prior to 3.5) contains a SQL injection vulnerability that could potentially be exploited by malicious users to compromise the affected system.
- risk 0.51cvss 7.8epss 0.00
EMC AppSync Server prior to 3.5.0.1 contains database accounts with hardcoded passwords that could potentially be exploited by malicious users to compromise the affected system.
- risk 0.49cvss 7.5epss 0.01
EMC AppSync host plug-in versions 3.5 and below (Windows platform only) includes a denial of service (DoS) vulnerability that could potentially be exploited by malicious users to compromise the affected system.
- CVE-2014-4634Dec 30, 2014risk 0.00cvss —epss 0.00
Unquoted Windows search path vulnerability in EMC Replication Manager through 5.5.2 and AppSync before 2.1.0 allows local users to gain privileges via a Trojan horse application with a name composed of an initial substring of a path that contains a space character.