← Retour aux CVEs
CVE-2017-8007
HIGH8.8
Description
In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R (Watch4Net) for SAS Solution Packs, the Webservice Gateway is affected by a directory traversal vulnerability. Attackers with knowledge of Webservice Gateway credentials could potentially exploit this vulnerability to access unauthorized information, and modify or delete data, by supplying specially crafted strings in input parameters of the web service call.
Details CVE
Score CVSS v3.18.8
SeveriteHIGH
Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vecteur d'attaqueNETWORK
ComplexiteLOW
Privileges requisLOW
Interaction utilisateurNONE
Publie9/22/2017
Derniere modification4/20/2025
Sourcenvd
Observations honeypot0
Produits affectes
dell:emc_m\&rdell:emc_storage_monitoring_and_reportingdell:emc_vipr_srmdell:emc_vnx_monitoring_and_reporting
Faiblesses (CWE)
CWE-22
References
http://seclists.org/fulldisclosure/2017/Sep/51(security_alert@emc.com)
http://www.securityfocus.com/bid/100957(security_alert@emc.com)
http://www.securitytracker.com/id/1039417(security_alert@emc.com)
http://www.securitytracker.com/id/1039418(security_alert@emc.com)
http://seclists.org/fulldisclosure/2017/Sep/51(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/100957(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1039417(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1039418(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.