CVE-2017-8007

Sažetak

In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R (Watch4Net) for SAS Solution Packs, the Webservice Gateway is affected by a directory traversal vulnerability. Attackers with knowledge of Webservice Gateway credentials could potentially exploit this vulnerability to access unauthorized information, and modify or delete data, by supplying specially crafted strings in input parameters of the web service call.

Reference

http://seclists.org/fulldisclosure/2017/Sep/51
http://www.securitytracker.com/id/1039418
http://www.securitytracker.com/id/1039417
http://www.securityfocus.com/bid/100957

CVSS

Base:	6.5
Impact:	6.4
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:S/C:P/I:P/A:P

Zadnje važnije ažuriranje

13-09-2021 - 12:07

Objavljeno

22-09-2017 - 01:29