CRITICAL🇵🇱 Wersja polska

CVE-2017-8011

CVSS 9.8v3.1pub. 2017-07-17upd. 2026-05-13

EMC ViPR SRM, EMC Storage M&R, EMC VNX M&R, EMC M&R for SAS Solution Packs (EMC ViPR SRM prior to 4.1, EMC Storage M&R prior to 4.1, EMC VNX M&R all versions, EMC M&R (Watch4Net) for SAS Solution Packs all versions) contain undocumented accounts with default passwords for Webservice Gateway and RMI JMX components. A remote attacker with the knowledge of the default password may potentially use these accounts to run arbitrary web service and remote procedure calls on the affected system.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Dell Emc M\&r

    APP
    Dell
    wszystkie wersje
  • Dell Emc Storage Monitoring And Reporting

    APP
    Dell
    4.0.2
  • Dell Emc Vipr Srm

    APP
    Dell
    ≤ 4.0.2
  • Dell Emc Vnx Monitoring And Reporting

    APP
    Dell
    wszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2019-18580CRITICAL10.0ten sam produkt

Dell EMC Storage Monitoring and Reporting version 4.3.1 contains a Java RMI Deserialization of Untrusted Data ...

CVE-2018-1183CRITICAL9.8ten sam produkt

In Dell EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.8, Dell EMC Solutions Enabler Virtual...

CVE-2017-8007HIGH8.8ten sam produkt

In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R (Watch4Net) for SAS Solution Packs, the Webservice Gateway is a...

CVE-2017-8012HIGH7.4ten sam produkt

In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R (Watch4Net) for SAS Solution Packs, the Java Management Extensi...

CVE-2026-22769CRITICAL10.0⚠ KEVPL ✓ten sam vendor

Dell RecoverPoint for VMs — zahardkodowane dane uwierzytelniające (RCE, root)