CRITICAL🇬🇧 English

CVE-2017-8011

CVSS 9.8v3.1pub. 2017-07-17upd. 2026-05-13

EMC ViPR SRM, EMC Storage M&R, EMC VNX M&R, EMC M&R for SAS Solution Packs (EMC ViPR SRM prior to 4.1, EMC Storage M&R prior to 4.1, EMC VNX M&R all versions, EMC M&R (Watch4Net) for SAS Solution Packs all versions) contain undocumented accounts with default passwords for Webservice Gateway and RMI JMX components. A remote attacker with the knowledge of the default password may potentially use these accounts to run arbitrary web service and remote procedure calls on the affected system.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Dell Emc M\&r

    APP
    Dell
    wszystkie wersje
  • Dell Emc Storage Monitoring And Reporting

    APP
    Dell
    4.0.2
  • Dell Emc Vipr Srm

    APP
    Dell
    ≤ 4.0.2
  • Dell Emc Vnx Monitoring And Reporting

    APP
    Dell
    wszystkie wersje
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2019-18580CRITICAL10.0ten sam produkt

Dell EMC Storage Monitoring and Reporting version 4.3.1 contains a Java RMI Deserialization of Untrusted Data ...

CVE-2018-1183CRITICAL9.8ten sam produkt

In Dell EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.8, Dell EMC Solutions Enabler Virtual...

CVE-2017-8007HIGH8.8ten sam produkt

In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R (Watch4Net) for SAS Solution Packs, the Webservice Gateway is a...

CVE-2017-8012HIGH7.4ten sam produkt

In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R (Watch4Net) for SAS Solution Packs, the Java Management Extensi...

CVE-2026-22769CRITICAL10.0⚠ KEVPL ✓ten sam vendor

Dell RecoverPoint for VMs — zahardkodowane dane uwierzytelniające (RCE, root)