Emc: Security Vulnerabilities
eRoom does not set an expiration for Cookies, which allows remote attackers to capture cookies and conduct replay attacks.
CVSS Score
7.5
EPSS Score
0.006
Published
2005-07-11
EMC NetWorker (formerly Legato NetWorker) before 7.0 stores log files in the /nsr/logs/ directory with world-readable permissions, which allows local users to read sensitive information and possibly gain privileges. NOTE: this was originally reported for Legato NetWorker 6.1 on the Solaris 7 platform.
CVSS Score
4.6
EPSS Score
0.001
Published
2002-03-25
EMC NetWorker (formerly Legato NetWorker) before 7.0 stores passwords in plaintext in the daemon.log file, which allows local users to gain privileges by reading the password from the file. NOTE: this was originally reported for Legato NetWorker 6.1 on the Solaris 7 platform.
CVSS Score
4.6
EPSS Score
0.001
Published
2002-03-25
Legato Networker before 6.1 allows remote attackers to bypass access restrictions and gain privileges on the Networker interface by spoofing the admin server name and IP address and connecting to Networker from an IP address whose hostname can not be determined by a DNS reverse lookup.
CVSS Score
7.5
EPSS Score
0.004
Published
2001-11-21
Page 42