Vulnerabilities
Vulnerable Software
Emc:  >> Vplex Geosynchrony  >> 5.0  Security Vulnerabilities
The GUI in EMC VPLEX GeoSynchrony 4.x and 5.x before 5.3 does not properly validate session-timeout values, which might make it easier for remote attackers to execute arbitrary code by leveraging an unattended workstation.
CVSS Score
7.7
EPSS Score
0.003
Published
2014-04-01
EMC VPLEX GeoSynchrony 4.x and 5.x before 5.3 does not include the HTTPOnly flag in a Set-Cookie header for an unspecified cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.
CVSS Score
6.0
EPSS Score
0.004
Published
2014-04-01
Session fixation vulnerability in EMC VPLEX GeoSynchrony 4.x and 5.x before 5.3 allows remote attackers to hijack web sessions via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.003
Published
2014-04-01
Directory traversal vulnerability in EMC VPLEX GeoSynchrony 4.x and 5.x before 5.3 allows remote authenticated users to execute arbitrary code via unspecified vectors.
CVSS Score
9.0
EPSS Score
0.027
Published
2014-04-01


Contact Us

Shodan ® - All rights reserved