VYPR
Vendor

EMC Corporation

EMC Corporation was an American multinational corporation headquartered in Hopkinton, Massachusetts, which sold data storage, information security, virtualization, analytics, cloud computing and other products and services that enabled organizations to store, manage, protect, and analyze data. EMC's target markets included large companies and small- and medium-sized businesses across various vertical markets.

Founded 1979
Products
235
CVEs
592
Across products
440
Status
Private

Products

235
View all 235 products →

Recent CVEs

592
View all 592 CVEs →
  • CVE-2018-1235CriMay 29, 2018
    risk 0.70cvss 9.8epss 0.43

    Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, contain a command injection vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to execute arbitrary commands on the affected system with…

  • CVE-2018-1217CriApr 9, 2018
    risk 0.70cvss 9.8epss 0.47

    Avamar Installation Manager in Dell EMC Avamar Server 7.3.1, 7.4.1, and 7.5.0, and Dell EMC Integrated Data Protection Appliance 2.0 and 2.1, is affected by a missing access control check vulnerability which could potentially allow a remote unauthenticated attacker to read or…

  • CVE-2018-1216CriMar 8, 2018
    risk 0.65cvss 9.8epss 0.22

    A hard-coded password vulnerability was discovered in vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, and Dell EMC VMAX Embedded Management (eManagement): Dell EMC Unisphere for VMAX Virtual Appliance…

  • CVE-2017-14378CriNov 29, 2017
    risk 0.65cvss 10.0epss 0.03

    EMC RSA Authentication Agent API 8.5 for C and RSA Authentication Agent SDK 8.6 for C allow attackers to bypass authentication, aka an "Error Handling Vulnerability."

  • CVE-2018-15764CriSep 28, 2018
    risk 0.64cvss 9.8epss 0.05

    Dell EMC ESRS Policy Manager versions 6.8 and prior contain a remote code execution vulnerability due to improper configurations of triggered JMX services. A remote unauthenticated attacker may potentially exploit this vulnerability to execute arbitrary code in the server's JVM.

  • CVE-2018-1237CriMar 27, 2018
    risk 0.64cvss 9.8epss 0.02

    Dell EMC ScaleIO versions prior to 2.5, contain improper restriction of excessive authentication attempts on the Light installation Agent (LIA). This component is deployed on every server in the ScaleIO cluster and is used for central management of ScaleIO nodes. A remote…

  • CVE-2017-15548CriJan 5, 2018
    risk 0.64cvss 9.8epss 0.05

    An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote unauthenticated malicious user can potentially bypass application authentication…

  • CVE-2017-14377CriNov 29, 2017
    risk 0.64cvss 9.8epss 0.03

    EMC RSA Authentication Agent for Web: Apache Web Server version 8.0 and RSA Authentication Agent for Web: Apache Web Server version 8.0.1 prior to Build 618 have a security vulnerability that could potentially lead to authentication bypass.

  • CVE-2017-8020CriNov 28, 2017
    risk 0.64cvss 9.8epss 0.04

    An issue was discovered in EMC ScaleIO 2.0.1.x. A buffer overflow vulnerability in the SDBG service may potentially allow a remote unauthenticated attacker to execute arbitrary commands with root privileges on an affected server.

  • CVE-2017-14375CriNov 1, 2017
    risk 0.64cvss 9.8epss 0.05

    EMC Unisphere for VMAX Virtual Appliance (vApp) versions prior to 8.4.0.15, EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.15, EMC VASA Virtual Appliance versions prior to 8.4.0.512, and EMC VMAX Embedded Management (eManagement) versions prior to and including…

  • CVE-2017-8015CriSep 12, 2017
    risk 0.64cvss 9.8epss 0.02

    EMC AppSync (all versions prior to 3.5) contains a SQL injection vulnerability that could potentially be exploited by malicious users to compromise the affected system.

  • CVE-2017-4976CriJul 9, 2017
    risk 0.64cvss 9.8epss 0.02

    EMC ESRS Policy Manager prior to 6.8 contains an undocumented account (OpenDS admin) with a default password. A remote attacker with the knowledge of the default password may login to the system and gain administrator privileges to the local LDAP directory server.

  • CVE-2017-4990CriJun 21, 2017
    risk 0.64cvss 9.8epss 0.03

    In EMC Avamar Server Software 7.4.1-58, 7.4.0-242, 7.3.1-125, 7.3.0-233, 7.3.0-226, an unauthorized attacker may leverage the file upload feature of the system maintenance page to load a maliciously crafted file to any directory which could allow the attacker to execute…

  • CVE-2017-4989CriJun 21, 2017
    risk 0.64cvss 9.8epss 0.03

    In EMC Avamar Server Software 7.3.1-125, 7.3.0-233, 7.3.0-226, 7.2.1-32, 7.2.1-31, 7.2.0-401, an unauthenticated remote attacker may potentially bypass the authentication process to gain access to the system maintenance page. This may be exploited by an attacker to view…

  • CVE-2017-4984CriJun 19, 2017
    risk 0.64cvss 9.8epss 0.07

    In EMC VNX2 versions prior to OE for File 8.1.9.211 and VNX1 versions prior to OE for File 7.1.80.8, an unauthenticated remote attacker may be able to elevate their permissions to root through a command injection. This may potentially be exploited by an attacker to run arbitrary…

  • CVE-2017-4982CriMay 8, 2017
    risk 0.64cvss 9.8epss 0.02

    EMC Mainframe Enablers ResourcePak Base versions 7.6.0, 8.0.0, and 8.1.0 contains a fix for a privilege management vulnerability that could potentially be exploited by malicious users to compromise the affected system.

  • CVE-2017-2765CriFeb 8, 2017
    risk 0.64cvss 9.8epss 0.03

    EMC Isilon InsightIQ 4.1.0, 4.0.1, 4.0.0, 3.2.2, 3.2.1, 3.2.0, 3.1.1, 3.1.0, 3.0.1, 3.0.0 is affected by an authentication bypass vulnerability that could potentially be exploited by attackers to compromise the affected system.

  • CVE-2017-2768CriFeb 3, 2017
    risk 0.64cvss 9.8epss 0.04

    EMC Network Configuration Manager (NCM) 9.3.x, EMC Network Configuration Manager (NCM) 9.4.0.x, EMC Network Configuration Manager (NCM) 9.4.1.x, EMC Network Configuration Manager (NCM) 9.4.2.x contains an Improper Authentication vulnerability that could potentially be exploited…

  • CVE-2017-2767CriFeb 3, 2017
    risk 0.64cvss 9.8epss 0.06

    EMC Network Configuration Manager (NCM) 9.3.x, EMC Network Configuration Manager (NCM) 9.4.0.x, EMC Network Configuration Manager (NCM) 9.4.1.x, EMC Network Configuration Manager (NCM) 9.4.2.x contains a Java RMI Remote Code Execution vulnerability that could potentially be…

  • CVE-2017-2766CriFeb 3, 2017
    risk 0.64cvss 9.8epss 0.02

    EMC Documentum eRoom version 7.4.4, EMC Documentum eRoom version 7.4.4 SP1, EMC Documentum eRoom version prior to 7.4.5 P04, EMC Documentum eRoom version prior to 7.5.0 P01 includes an unverified password change vulnerability that could potentially be exploited by malicious…