Emc: >> Smarts Network Configuration Manager >> 9.1 Security Vulnerabilities
Session fixation vulnerability in the Report Advisor (RA) component in EMC Network Configuration Manager (NCM) before 9.3 allows remote attackers to hijack web sessions via a session cookie.
CVSS Score
5.4
EPSS Score
0.003
Published
2014-07-01
Multiple unspecified vulnerabilities in the System Management (aka SysAdmin) Console in EMC Smarts Network Configuration Manager (NCM) through 9.2 have unknown impact and attack vectors, a different issue than CVE-2013-0935. NOTE: this might overlap CVEs for open-source server components or other third-party components.
CVSS Score
9.3
EPSS Score
0.004
Published
2013-03-28
EMC Smarts Network Configuration Manager (NCM) before 9.2 does not require authentication for all Java RMI method calls, which allows remote attackers to execute arbitrary code via unspecified vectors.
CVSS Score
9.3
EPSS Score
0.018
Published
2013-03-28