CVE-2015-0524
EMC Secure Remote Services Virtual Edition 3.02 and 3.03 - SQL Injection
Title source: llmDescription
SQL injection vulnerability in the Gateway Provisioning service in EMC Secure Remote Services Virtual Edition (ESRS VE) 3.02 and 3.03 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/534930/100/0/threaded
Exploit x_refsource_misc
https://www.securify.nl/advisory/SFY20141113/emc_secure_remote_services_virtual_edition_provisioning_component_is_affected_by_sql_injection.html
Mailing List mailing-list
x_refsource_fulldisc
http://seclists.org/fulldisclosure/2015/Mar/119
Mailing List mailing-list
x_refsource_bugtraq
http://seclists.org/bugtraq/2015/Mar/40
Exploit, Third Party Advisory x_refsource_misc
http://packetstormsecurity.com/files/130768/EMC-Secure-Remote-Services-GHOST-SQL-Injection-Command-Injection.html
Scores
EPSS
0.0043
EPSS Percentile
62.8%
Details
CWE
CWE-89
Status
published
Products (2)
emc/secure_remote_services
3.02
emc/secure_remote_services
3.03
Published
Mar 12, 2015
Tracked Since
Feb 18, 2026