Shodan
Vulnerabilities
Vulnerable Software
Emc:  Security Vulnerabilities
CVE-2016-0895
EMC RSA Data Loss Prevention 9.6 before SP2 P5 allows remote attackers to conduct clickjacking attacks via web-site elements with crafted transparency or opacity.
CVSS Score
4.3
EPSS Score
0.004
Published
2016-05-03
CVE-2016-0894
EMC RSA Data Loss Prevention 9.6 before SP2 P5 allows remote authenticated users to bypass intended object access restrictions via a modified parameter.
CVSS Score
6.3
EPSS Score
0.002
Published
2016-05-03
CVE-2016-0893
EMC RSA Data Loss Prevention 9.6 before SP2 P5 allows remote authenticated users to obtain sensitive information by reading error messages.
CVSS Score
4.3
EPSS Score
0.002
Published
2016-05-03
CVE-2016-0892
Cross-site scripting (XSS) vulnerability in EMC RSA Data Loss Prevention 9.6 before SP2 P5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
6.1
EPSS Score
0.003
Published
2016-05-03
CVE-2016-0891
Multiple cross-site request forgery (CSRF) vulnerabilities in administrative pages in EMC ViPR SRM before 3.7 allow remote attackers to hijack the authentication of administrators.
CVSS Score
8.8
EPSS Score
0.031
Published
2016-04-20
CVE-2016-0888
EMC Documentum D2 before 4.6 lacks intended ACLs for configuration objects, which allows remote authenticated users to modify objects via unspecified vectors.
CVSS Score
8.8
EPSS Score
0.014
Published
2016-04-07
CVE-2016-0886
EMC Documentum xCP 2.1 before patch 24 and 2.2 before patch 12 allows remote authenticated users to obtain sensitive user-account metadata via a members/xcp_member API call.
CVSS Score
4.3
EPSS Score
0.002
Published
2016-03-09
CVE-2016-0882
EMC Documentum xCP 2.1 before patch 23 and 2.2 before patch 11 allows remote authenticated users to read arbitrary files via a POST request containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
CVSS Score
5.4
EPSS Score
0.005
Published
2016-02-12
CVE-2016-0881
EMC Documentum xCP 2.1 before patch 23 and 2.2 before patch 11 allows remote authenticated users to conduct Documentum Query Language (DQL) injection attacks and obtain sensitive repository information by appending a query to a REST request.
CVSS Score
6.5
EPSS Score
0.003
Published
2016-02-12
CVE-2015-6852
Directory traversal vulnerability in the API in EMC Secure Remote Services Virtual Edition 3.x before 3.10 allows remote authenticated users to read log files via a crafted parameter.
CVSS Score
4.3
EPSS Score
0.001
Published
2015-12-28


Products
Pricing
Contact Us

Shodan ® - All rights reserved