| CVE-2017-8015 | Cri | 0.64 | 9.8 | 0.01 | | Sep 12, 2017 | EMC AppSync (all versions prior to 3.5) contains a SQL injection vulnerability that could potentially be exploited by malicious users to compromise the affected system. |
| CVE-2017-14376 | Hig | 0.51 | 7.8 | 0.00 | | Nov 1, 2017 | EMC AppSync Server prior to 3.5.0.1 contains database accounts with hardcoded passwords that could potentially be exploited by malicious users to compromise the affected system. |
| CVE-2017-8018 | Hig | 0.49 | 7.5 | 0.01 | | Oct 3, 2017 | EMC AppSync host plug-in versions 3.5 and below (Windows platform only) includes a denial of service (DoS) vulnerability that could potentially be exploited by malicious users to compromise the affected system. |
| CVE-2014-4634 | | 0.00 | — | 0.00 | | Dec 30, 2014 | Unquoted Windows search path vulnerability in EMC Replication Manager through 5.5.2 and AppSync before 2.1.0 allows local users to gain privileges via a Trojan horse application with a name composed of an initial substring of a path that contains a space character. |
