CVE-2015-0525

EMC Secure Remote Services Virtual Edition 3.02-3.03 - OS Command Injection

Title source: llm

Description

The Gateway Provisioning service in EMC Secure Remote Services Virtual Edition (ESRS VE) 3.02 and 3.03 allows remote attackers to execute arbitrary OS commands via unspecified vectors.

References (5)

Core 5

Core References

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/534928/100/0/threaded

Mailing List, Third Party Advisory mailing-list x_refsource_bugtraq

http://seclists.org/bugtraq/2015/Mar/40

Mailing List, Third Party Advisory mailing-list x_refsource_fulldisc

http://seclists.org/fulldisclosure/2015/Mar/118

Exploit x_refsource_misc

https://www.securify.nl/advisory/SFY20141112/command_injection_vulnerability_in_emc_secure_remote_services_virtual_edition.html

Third Party Advisory, VDB Entry x_refsource_misc

http://packetstormsecurity.com/files/130768/EMC-Secure-Remote-Services-GHOST-SQL-Injection-Command-Injection.html

Scores

EPSS 0.0183

EPSS Percentile 83.2%

Details

CWE

CWE-78

Status published

Products (2)

emc/secure_remote_services 3.02

emc/secure_remote_services 3.03

Published Mar 12, 2015

Tracked Since Feb 18, 2026