HIGH🇵🇱 Wersja polska

CVE-2016-6645

CVSS 8.8v3.0pub. 2016-10-05upd. 2026-05-06

The vApp Managers web application in EMC Unisphere for VMAX Virtual Appliance 8.x before 8.3.0 and Solutions Enabler Virtual Appliance 8.x before 8.3.0 allows remote authenticated users to execute arbitrary code via crafted input to the (1) GeneralCmdRequest, (2) PersistantDataRequest, or (3) GetCommandExecRequest class.

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Dell Emc Unisphere

    APP
    Dell
    8.08.18.1.28.2
  • Emc Solutions Enabler

    APP
    Emc
    8.08.0.38.18.1.28.2
  • Emc Unisphere

    APP
    Emc
    8.0.3
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2018-1183CRITICAL9.8ten sam produkt

In Dell EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.8, Dell EMC Solutions Enabler Virtual...

CVE-2017-14375CRITICAL9.8ten sam produkt

EMC Unisphere for VMAX Virtual Appliance (vApp) versions prior to 8.4.0.15, EMC Solutions Enabler Virtual Appl...

CVE-2016-6646CRITICAL9.8ten sam produkt

The vApp Managers web application in EMC Unisphere for VMAX Virtual Appliance 8.x before 8.3.0 and Solutions E...

CVE-2016-0889CRITICAL9.8ten sam produkt

An HTTP servlet in vApp Manager in EMC Unisphere for VMAX Virtual Appliance before 8.2.0 allows remote attacke...

CVE-2015-0545HIGH10.0ten sam produkt

EMC Unisphere for VMAX 8.x before 8.0.3.4 sets up the Java Debugging Wire Protocol (JDWP) service, which allow...