| CVE-2015-6847 |
low |
— |
2.1 |
|
|
emc |
11y ago |
The default configuration of EMC VPLEX GeoSynchrony 5.4 SP1 before P3 stores cleartext NAVISPHERE GUI passwords in a log file, which allows local users to obtain sensitive information by reading this… |
| CVE-2015-4541 |
low |
— |
3.5 |
|
|
emc |
11y ago |
Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer GRC 5.x before 5.5.3 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. |
| CVE-2015-4540 |
low |
— |
3.5 |
|
|
emc |
11y ago |
Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Identity Management & Governance (IMG) before 6.8.1 P18 and 6.9.x before 6.9.1 P6 allow remote authenticated users to inject arbitrary w… |
| CVE-2015-4537 |
low |
— |
3.5 |
|
|
emc |
11y ago |
Lockbox in EMC Documentum D2 before 4.5 uses a hardcoded passphrase when a server lacks a D2.Lockbox file, which makes it easier for remote authenticated users to decrypt admin tickets by locating th… |
| CVE-2015-4536 |
low |
— |
3.5 |
|
|
emc |
11y ago |
EMC Documentum Content Server before 7.0 P20, 7.1 before P18, and 7.2 before P02, when RPC tracing is configured, stores certain obfuscated password data in a log file, which allows remote authentica… |
| CVE-2015-4528 |
low |
— |
3.5 |
|
|
emc |
11y ago |
Cross-site scripting (XSS) vulnerability in EMC Documentum CenterStage 1.2SP1 and 1.2SP2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. |
| CVE-2015-0551 |
low |
— |
3.5 |
|
|
emc |
11y ago |
Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum WebTop 6.7SP1 before P31, 6.7SP2 before P23, and 6.8 before P01; Documentum Administrator 6.7SP1 before P31, 6.7SP2 before P23, 7… |
| CVE-2015-0549 |
low |
— |
3.5 |
|
|
emc |
11y ago |
Cross-site scripting (XSS) vulnerability in EMC Documentum D2 before 4.5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. |
| CVE-2015-0527 |
low |
— |
2.1 |
|
|
emc |
11y ago |
EMC Documentum xCelerated Management System (xMS) 1.1 before P14 stores cleartext Windows Service credentials in a batch file during Documentum Platform and xCelerated Composition Platform (xCP) prov… |
| CVE-2015-0521 |
low |
— |
3.5 |
|
|
emc |
11y ago |
Cross-site scripting (XSS) vulnerability in EMC RSA Certificate Manager (RCM) before 6.9 build 558 and RSA Registration Manager (RRM) before 6.9 build 558 allows remote authenticated users to inject … |
| CVE-2015-0519 |
low |
— |
2.1 |
|
|
emc |
12y ago |
The InputAccel Database (IADB) installation process in EMC Captiva Capture 7.0 before patch 25 and 7.1 before patch 13 places a cleartext InputAccel (IA) SQL password in a DAL log file, which allows … |
| CVE-2015-0513 |
low |
— |
3.5 |
|
|
emc |
12y ago |
Multiple cross-site scripting (XSS) vulnerabilities in the administrative user interface in EMC M&R (aka Watch4Net) before 6.5u1 and ViPR SRM before 3.6.1 allow remote authenticated users to inject a… |
| CVE-2014-4620 |
low |
— |
2.1 |
|
|
meditechemc |
12y ago |
The EMC NetWorker Module for MEDITECH (aka NMMEDI) 3.0 build 87 through 90, when EMC RecoverPoint and Plink are used, stores cleartext RecoverPoint Appliance credentials in nsrmedisv.raw log files, w… |
| CVE-2014-2512 |
low |
— |
3.5 |
|
|
emc |
12y ago |
Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum eRoom 7.4.3, 7.4.4 before P19, and 7.4.4 SP1 allow remote authenticated users to inject arbitrary web script or HTML via unspecif… |
| CVE-2014-0624 |
low |
— |
2.7 |
|
|
emc |
12y ago |
EMC RSA Data Loss Prevention (DLP) 9.x before 9.6-SP2 does not properly manage sessions, which allows remote authenticated users to gain privileges and bypass intended content-reading restrictions vi… |
| CVE-2013-6181 |
low |
— |
2.1 |
|
|
emc |
13y ago |
EMC Watch4Net before 6.3 stores cleartext polled-device passwords in the installation repository, which allows local users to obtain sensitive information by leveraging repository privileges. |
| CVE-2013-6177 |
low |
— |
3.5 |
|
|
emc |
13y ago |
Directory traversal vulnerability in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish E… |
| CVE-2013-3285 |
low |
— |
3.5 |
|
|
emc |
13y ago |
The NetWorker Management Console (NMC) in EMC NetWorker 8.0.x before 8.0.2.3, when using Active Directory/LDAP for authentication, allows remote authenticated users to discover cleartext administrato… |
| CVE-2013-3273 |
low |
— |
2.1 |
|
|
emcrsa |
13y ago |
EMC RSA Authentication Manager 8.0 before P2 and 7.1 before SP4 P26, as used in Appliance 3.0, does not omit the cleartext administrative password from trace logging in custom SDK applications, which… |
| CVE-2013-3272 |
low |
— |
2.1 |
|
|
emc |
13y ago |
EMC Replication Manager (RM) before 5.4.4 places encoded passwords in application log files, which makes it easier for local users to obtain sensitive information by reading a file and conducting an … |
| CVE-2013-0944 |
low |
— |
3.5 |
|
|
emc |
13y ago |
The web-based file-restore interface in EMC Avamar Server before 6.1.0 allows remote authenticated users to read arbitrary files via a crafted URL. |
| CVE-2012-4615 |
low |
— |
2.1 |
|
|
emc |
14y ago |
EMC Smarts Network Configuration Manager (NCM) before 9.1 uses a hardcoded encryption key for the storage of credentials, which allows local users to obtain sensitive information via unspecified vect… |
| CVE-2012-4610 |
low |
— |
3.3 |
|
|
emc |
14y ago |
EMC Avamar Client for VMware 6.1 stores the cleartext server root password on the proxy client, which might allow remote attackers to obtain sensitive information by leveraging "network access" to th… |
| CVE-2012-2284 |
low |
— |
2.1 |
|
|
emcmicrosoft |
14y ago |
The (1) install and (2) upgrade processes in EMC NetWorker Module for Microsoft Applications (NMM) 2.2.1, 2.3 before build 122, and 2.4 before build 375, when Exchange Server is used, allow local use… |
| CVE-2012-2286 |
low |
— |
2.9 |
|
|
emc |
14y ago |
Unspecified vulnerability in EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 before SP3 P3 allows remote attackers to obtain sensitive information via unknown vectors. |
| CVE-2011-4142 |
low |
— |
2.1 |
|
|
emc |
15y ago |
The Web Search feature in EMC SourceOne Email Management 6.5 before 6.5.2.4033, 6.6 before 6.6.1.2194, and 6.7 before 6.7.2.2033 places cleartext credentials in log files, which allows local users to… |
| CVE-2011-1742 |
low |
— |
2.1 |
|
|
emc |
15y ago |
EMC Data Protection Advisor before 5.8.1 places cleartext account credentials in the DPA configuration file in unspecified circumstances, which might allow local users to obtain sensitive information… |
| CVE-2011-1424 |
low |
— |
3.5 |
|
|
emcmicrosoftibm |
15y ago |
The default configuration of ExShortcut\Web.config in EMC SourceOne Email Management before 6.6 SP1, when the Mobile Services component is used, does not properly set the localOnly attribute of the t… |
| CVE-2011-0442 |
low |
— |
3.5 |
|
|
emc |
15y ago |
The service utility in EMC Avamar 5.x before 5.0.4 uses cleartext to transmit event details in (1) service requests and (2) e-mail messages, which might allow remote attackers to obtain sensitive inf… |
