In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R (Watch4Net) for SAS Solution Packs, the Webservice Gateway is affected by a directory traversal vulnerability. Attackers with knowledge of Webservice Gateway credentials could potentially exploit this vulnerability to access unauthorized information, and modify or delete data, by supplying specially crafted strings in input parameters of the web service call.
References
Link | Resource |
---|---|
http://seclists.org/fulldisclosure/2017/Sep/51 | Mailing List Third Party Advisory |
http://www.securityfocus.com/bid/100957 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1039417 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1039418 | Third Party Advisory VDB Entry |
http://seclists.org/fulldisclosure/2017/Sep/51 | Mailing List Third Party Advisory |
http://www.securityfocus.com/bid/100957 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1039417 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1039418 | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 03:33
Type | Values Removed | Values Added |
---|---|---|
References | () http://seclists.org/fulldisclosure/2017/Sep/51 - Mailing List, Third Party Advisory | |
References | () http://www.securityfocus.com/bid/100957 - Third Party Advisory, VDB Entry | |
References | () http://www.securitytracker.com/id/1039417 - Third Party Advisory, VDB Entry | |
References | () http://www.securitytracker.com/id/1039418 - Third Party Advisory, VDB Entry |
Information
Published : 2017-09-22 01:29
Updated : 2024-11-21 03:33
NVD link : CVE-2017-8007
Mitre link : CVE-2017-8007
CVE.ORG link : CVE-2017-8007
JSON object : View
Products Affected
dell
- emc_vnx_monitoring_and_reporting
- emc_vipr_srm
- emc_storage_monitoring_and_reporting
- emc_m\&r
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')