-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
DSA-2018-132: RSA NetWitness Platform Server-Side Template Injection
Vulnerability
Dell EMC Identifier: DSA-2018-132
CVE Identifier: CVE-2018-11061
Severity Rating: CVSS v3 Base Score: 9.1 (AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)
Severity: Criti
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
DSA-2018-144: RSA Archer SQL Injection Vulnerability within embedded WorkPoint
component
Dell EMC Identifier: DSA-2018-144
CVE Identifier: CVE-2018-11065
Severity Rating: CVSS:3 Base Score: 2.7
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
Se
incidental damages,
so the foregoing limitation may not apply.
Dell EMC Product Security Response Center
security_al...@emc.com
http://www.emc.com/products/security/product-security-response-center.htm
-BEGIN PGP SIGNATURE-
iQEzBAEBCAAdFiEEazKDH3UU9DEtTDc5dty75+wTzVkFAltkbtEACgkQdty75+
liers have been
advised of the possibility of such damages. Some states do not allow the
exclusion or limitation of liability for consequential or incidental damages,
so the foregoing limitation may not apply.
Dell EMC Product Security Response Center
security_al...@emc.com
http://www.emc.co
es, so the foregoing limitation may not apply.
Dell EMC Product Security Response Center
security_al...@emc.com
http://www.emc.com/products/security/product-security-response-center.htm
-BEGIN PGP SIGNATURE-
iQEzBAEBCAAdFiEEazKDH3UU9DEtTDc5dty75+wTzVkFAltPT7AACgkQdty75+
affiliates or its
suppliers have been advised of the possibility of such damages. Some
jurisdictions do not allow the exclusion or limitation of liability for
consequential or incidental damages, so the foregoing limitation may not apply.
Dell EMC Product Security Response Center
security
ation of liability for
consequential or incidental damages, so the foregoing limitation may not apply.
Dell EMC Product Security Response Center
security_al...@emc.com
http://www.emc.com/products/security/product-security-response-center.htm
-BEGIN PGP SIGNATURE-
iQEzBAEBCAAdFiEEazKDH3UU9
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
DSA-2018-122: RSA Certificate Manager Path Traversal Vulnerability
Dell EMC Identifier: DSA-2018-122
CVE Identifier: CVE-2018-11051
Severity: High
Severity Rating: CVSS v3 Base Score: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
Affected Product
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
DSA-2018-126: EMC ECS S3 Authentication Bypass Vulnerability
Dell EMC Identifier: DSA-2018-126
CVE Identifier: CVE-2018-11052
Severity: Critical
Severity Rating: CVSS v3 Base Score: 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Affected products:
•
s,
so the foregoing limitation may not apply.
Dell EMC Product Security Response Center
security_al...@emc.com
-BEGIN PGP SIGNATURE-
iQEzBAEBCAAdFiEEazKDH3UU9DEtTDc5dty75+wTzVkFAlsgCsEACgkQdty75+wT
zVnJfQgAj9YpdnG+znBagiVu4JOxG1AIVJ3lVUbche4SyHjlOJUwhqSjcRuSWKuj
C5vfL
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
DSA-2018-085: RSA Web Threat Detection SQL Injection Vulnerability
Dell EMC Identifier: DSA-2018-085
CVE Identifier: CVE-2018-1252
Severity: High
Severity Rating: CVSS v3 Base Score: 7.6 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L)
Affected Product
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
DSA-2018-095: Dell EMC RecoverPoint Multiple Vulnerabilities
EMC Identifier: DSA-2018-095
CVE Identifier: CVE-2018-1235, CVE-2018-1241, CVE-2018-1242
Severity Rating: CVSS Base Score: See below for CVSSv3 Scores.
Affected products:
Dell EMC Reco
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
DSA-2018-086: RSA® Authentication Manager Multiple Vulnerabilities
Dell EMC Identifier: DSA-2018-086
CVE Identifier: CVE-2018-1247, CVE-2018-1248
Severity: Medium
Severity Rating: View details below for individual CVSS Score for each CVE.
Affe
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
DSA-2018-063: Dell EMC Unity Family OS Command Injection Vulnerability
Dell EMC Identifier: DSA-2018-063
CVE Identifier: CVE-2018-1239
Severity Rating: CVSS v3 Base Score: 7.2 (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
Affected products:
Dell EMC U
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
DSA-2018-013: Dell EMC ECOM XML External Entity Injection Vulnerability
EMC Identifier: DSA-2018-013
CVE Identifier: CVE-2018-1183
Severity: High
Severity Rating: CVSS Base Score: 7.6 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L)
Affected products:
Del
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
DSA-2018-013: Dell EMC ECOM XML External Entity Injection Vulnerability
EMC Identifier: DSA-2018-013
Severity: High
Severity Rating: CVSS Base Score: 7.6 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L)
Affected products:
Dell EMC Unisphere for VMAX Virtua
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
DSA-2018-071: Dell EMC ViPR Controller Information Exposure Vulnerability
Dell EMC Identifier: DSA-2018- 071
CVE Identifier: CVE-2018-1240
Severity: Medium
Severity Rating: CVSS v3 Base Score: 5.4 AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H
Affe
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
DSA-2018-025: Dell EMC Avamar and Integrated Data Protection Appliance
Installation Manager Missing Access Control Vulnerability
Dell EMC Identifier: DSA-2018-025
CVE Identifier: CVE-2018-1217
Severity: High
Severity Rating: CVSS v3 Base Score:: 7.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
DSA-2018-040: RSA® Authentication Agent for Web for IIS and Apache Web Server
Multiple Vulnerabilities
Dell EMC Identifier: DSA-2018-040
CVE Identifier: CVE-2018-1232, CVE-2018-1233, CVE-2018-1234
Severity: High
Severity Rating: CVSS v3 Base Sco
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
DSA-2018-058: Dell EMC ScaleIO Multiple Security Vulnerabilities
Dell EMC Identifier: DSA-2018-058
CVE Identifier: CVE-2018-1205, CVE-2018-1237, CVE-2018-1238
Severity: Medium
Severity Rating: CVSS v3 Base Score: See below for CVSS v3 scores
Affect
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
DSA-2018-018: Dell EMC Isilon OneFS Multiple Vulnerabilities
Dell EMC Identifier: DSA-2018-018
CVE Identifier: CVE-2018-1186, CVE-2018-1187, CVE-2018-1188, CVE-2018-1189,
CVE-2018-1201, CVE-2018-1202, CVE-2018-1203, CVE-2018-1204, CVE-2018-1213
Sev
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
DSA-2018-037: Dell EMC NetWorker Buffer Overflow Vulnerability
Dell EMC Identifier: DSA-2018-037
CVE Identifier: CVE-2018-1218
Severity: High
Severity Rating: CVSS v3 Base Score 7.5 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected products:
Dell EMC
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
DSA-2018-020: Dell EMC Data Protection Advisor Hardcoded Password Vulnerability
Dell EMC Identifier: DSA-2018-020
CVE Identifier: CVE-2018-1206
Severity: High
Severity Rating: CVSS v3 Base Score: 8.4 (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
A
bility of such damages. Some jurisdictions do not allow the
exclusion or limitation of liability for consequential or incidental damages,
so the foregoing limitation may not apply.
Dell EMC Product Security Response Center
security_al...@emc.com
-BEGIN PGP SIGNATURE-
iQEzBAEBCAAdFiE
sed of the possibility of such damages. Some jurisdictions do not allow the
exclusion or limitation of liability for consequential or incidental damages,
so the foregoing limitation may not apply.
Dell EMC Product Security Response Center
security_al...@emc.com
-BEGIN PGP
EMC or its suppliers have
been advised of the possibility of such damages.
Some states do not allow the exclusion or limitation of liability for
consequential or incidental damages, so the foregoing
limitation may not apply.
Dell EMC Product Security Response Center
security_al...@emc.com
ell EMC or its suppliers have
been advised of the possibility of such damages.
Some states do not allow the exclusion or limitation of liability for
consequential or incidental damages, so the foregoing
limitation may not apply.
Dell EMC Product Security Response Center
security_al...@emc.com
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
ESA-2018-015: EMC RecoverPoint Command Injection Vulnerabilities
EMC Identifier: ESA-2018-015
CVE Identifier: CVE-2018-1184, CVE-2018-1185
Severity Rating: See below for individual scores
Affected products:
* EMC RecoverPoint for Virtual Ma
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
ESA-2018-002: RSA® Authentication Manager SQL Injection Vulnerability
EMC Identifier: ESA-2018-002
CVE Identifier: CVE-2017-15546
Severity: Medium
Severity Rating: 4.3 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)
Affected Products:
RSA Auth
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
ESA-2018-001: EMC Avamar Server, NetWorker Virtual Edition and Integrated Data
Protection Appliance Multiple Security Vulnerabilities
EMC Identifier: ESA-2018-001
CVE Identifier: CVE-2017-15548, CVE-2017-15549, CVE-2017-15550
Severity Rating: Se
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
ESA-2017-155: EMC VNX1 and VNX2 Family Reflected Cross Site Scripting
Vulnerability in VNX Control Station
EMC Identifier: ESA-2017-155
CVE Identifier: CVE-2017-14383
Severity Rating: CVSS v3 Base Score: 6.1 (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
ESA-2017-157: EMC Data Domain DD OS Memory Overflow Vulnerability
EMC Identifier: ESA-2017-157
CVE Identifier: CVE-2017-14385
Severity Rating: CVSS v3 Base Score: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Affected products:
The following EMC Dat
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
ESA-2017-161: EMC Isilon OneFS NFS Export Security Setting Fallback
Vulnerability
EMC Identifier: ESA-2017-161
CVE Identifier: CVE-2017-14387
Severity Rating: CVSS v3 Base Score: 4.8 (AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N)
Affected products:
*
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
ESA-2017-153: EMC Isilon OneFS Privilege Escalation Vulnerability
EMC Identifier: ESA-2017-153
CVE Identifier: CVE-2017-14380
Severity Rating: CVSS v3 Base Score: 6.7 (AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
Affected products:
* EMC Isilon
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
ESA-2017-146: RSA® Authentication Agent SDK for C Error Handling Vulnerability
EMC Identifier: ESA-2017-146
CVE Identifier: CVE-2017-14378
Severity Rating: CVSS v3 Base Score: 10 (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
(see note below)
Affected
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
ESA-2017-145: RSA® Authentication Agent for Web for Apache Web Server
Authentication Bypass Vulnerability
EMC Identifier: ESA-2017-145
CVE Identifier: CVE-2017-14377
Severity Rating: CVSS v3 Base Score: 10 (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
ESA-2017-094: EMC ScaleIO Multiple Vulnerabilities
EMC Identifier: ESA-2017-094
CVE Identifier: CVE-2017-8001, CVE-2017-8019, CVE-2017-8020
Severity Rating: CVSSv3 Base Score: See below for CVSS scores for individual
CVEs
Affected products:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
ESA-2017-152: RSA® Authentication Manager Software Stored Cross-Site Scripting
Vulnerability
EMC Identifier: ESA-2017-152
CVE Identifier: CVE-2017-14379
Severity Rating: CVSSv3 Base Score: 6.5 (AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L)
Affected Prod
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
ESA-2017-137: EMC VMAX Virtual Appliance (vApp) Authentication Bypass
Vulnerability
EMC Identifier: ESA-2017-137
CVE Identifier: CVE-2017-14375
Severity Rating: CVSSv3 Base Score: 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Affected products:
*EMC
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
ESA-2017-141: EMC AppSync Hardcoded Password Vulnerability
EMC Identifier: ESA-2017-141
CVE Identifier: CVE-2017-14376
Severity Rating: CVSS v3 Base Score: 8.4 (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Affected products:
EMC AppSync Server versions p
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
ESA-2017-134: RSA® Authentication Manager Security Update for Reflected
Cross-Site Scripting Vulnerability
EMC Identifier: ESA-2017-134
CVE Identifier: CVE-2017-14373
Severity Rating: CVSSv3: 6.1 (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Affected
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
ESA-2017-122: EMC NetWorker Buffer Overflow Vulnerability
EMC Identifier: ESA-2017-122
CVE Identifier: CVE-2017-8022
Severity Rating: CVSSv3 Base Score: 8.1 (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
Affected products:
* EMC NetWorker versions
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
ESA-2017-124: EMC Isilon OneFS Reflected Cross Site Scripting Vulnerability
CVE Identifier: CVE-2017-8024
EMC Identifier: ESA-2017-124
Severity Rating: CVSS Base Score: 9.6 (AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H)
Affected Products:
*EMC
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
ESA-2017-111: RSA Archer® GRC Platform Multiple Vulnerabilities
EMC Identifier: ESA-2017-111
CVE Identifier: CVE-2017-8016, CVE-2017-8025, CVE-2017-14369, CVE-2017-14370,
CVE-2017-14371, CVE-2017-14372
Severity Rating: CVSSv3 Base Score: See bel
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
ESA-2017-112: EMC Network Configuration Manager Reflected Cross-Site Scripting
Vulnerability
EMC Identifier: ESA-2017-112
CVE Identifier: CVE-2017-8017
Severity Rating: CVSSv3 Base Score: 6.1 (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
Affected products
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
ESA-2017-115: EMC AppSync Host Plug-in Denial of Service Vulnerability
EMC Identifier: ESA-2017-115
CVE Identifier: CVE-2017-8018
Severity Rating: CVSS v3 Base Score: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Affected products:
EMC AppSyn
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
ESA-2017-119: EMC Elastic Cloud Storage Undocumented Account Vulnerability
EMC Identifier: ESA-2017-119
CVE Identifier: CVE-2017-8021
Severity Rating: CVSS Base Score: 9.4 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H)
Affected products:
* EMC Elasti
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
ESA-2017-081: EMC ViPR SRM, EMC Storage M&R, EMC VNX M&R, EMC M&R (Watch4Net)
for SAS Solution Packs Multiple Vulnerabilities
EMC Identifier: ESA-2017-081
CVE Identifier: CVE-2017-8007, CVE-2017-8012
Severity Rating: CVSS Base Score: See bel
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
ESA-2017-098: EMC Data Protection Advisor Hardcoded Password Vulnerability
EMC Identifier: ESA-2017-098
CVE Identifier: CVE-2017-8013
Severity Rating: CVSS v3 Base Score: 9.4 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H)
Affected products:
* EMC D
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
ESA-2017-099: EMC AppSync SQL Injection Vulnerability
EMC Identifier: ESA-2017-099
CVE Identifier: CVE-2017-8015
Severity Rating: CVSS v3 Base Score: 8.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L)
Affected products:
EMC AppSync all versions prior to 3
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
ESA-2017-068: RSA® Authentication Manager Stored Cross-Site Scripting
Vulnerability
EMC Identifier: ESA-2017-068
CVE Identifier: CVE-2017-8000
Severity Rating: CVSSv3: 4.1 (AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:N)
Affected Products:
RSA Au
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
ESA-2017-076: RSA Identity Governance and Lifecycle Multiple Vulnerabilities
EMC Identifier: EMC-2017-076
CVE Identifier: CVE-2017-8004, CVE-2017-8005
Severity Rating: CVSS v3 Base Score: Please view details below for individual
CVE scores.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
ESA-2017-084: RSA® Authentication Manager Self-Service Console Brute Force
PIN-Guessing Vulnerability
EMC Identifier: ESA-2017-084
CVE Identifier: CVE-2017-8006
Severity Rating: CVSS v3 Base Score: 6.8 (AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H)
A
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
ESA-2017-089: EMC ViPR SRM, EMC Storage M&R, EMC VNX M&R, EMC M&R (Watch4Net)
for SAS Solution Packs Undocumented Accounts Vulnerability
EMC Identifier: ESA-2017-089
CVE Identifier: CVE-2017-8011
Severity Rating: CVSS v3 Base Score: 9.8 (AV:N/AC:L/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
ESA-2017-011: EMC ESRS Policy Manager Undocumented Account Vulnerability
EMC Identifier: ESA-2017-011
CVE Identifier: CVE-2017-4976
Severity: High
Severity Rating: CVSS Base Score: 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Affected
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
ESA-2017-075: EMC Data Protection Advisor Multiple Vulnerabilities
EMC Identifier ESA-2017-075
CVE Identifier CVE-2017-8002, CVE-2017-8003
Severity: Medium
Severity Rating: CVSS Base Score View details below for individual CVSS Score
f
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
ESA-2017-063 RSA Archer® GRC Platform Multiple Vulnerabilities
EMC Identifier: ESA-2017-063
CVE Identifier:
CVE-2017-4998,CVE-2017-4999,CVE-2017-5000,CVE-2017-5001,CVE-2017-5002
Severity Rating: CVSSv3 Base Score: Please view details
57 matches
Mail list logo
