VYPR

ESRS Policy Manager

by EMC Corporation

CVEs (2)

  • CVE-2018-15764CriSep 28, 2018
    risk 0.64cvss 9.8epss 0.05

    Dell EMC ESRS Policy Manager versions 6.8 and prior contain a remote code execution vulnerability due to improper configurations of triggered JMX services. A remote unauthenticated attacker may potentially exploit this vulnerability to execute arbitrary code in the server's JVM.

  • CVE-2017-4976CriJul 9, 2017
    risk 0.64cvss 9.8epss 0.02

    EMC ESRS Policy Manager prior to 6.8 contains an undocumented account (OpenDS admin) with a default password. A remote attacker with the knowledge of the default password may login to the system and gain administrator privileges to the local LDAP directory server.