Description
EMC Unisphere for VMAX Virtual Appliance (vApp) versions prior to 8.4.0.15, EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.15, EMC VASA Virtual Appliance versions prior to 8.4.0.512, and EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4 (Enginuity Release 5977.1125.1125 and earlier) contain an authentication bypass vulnerability that may potentially be exploited by malicious users to compromise the affected system.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/101673
Mailing List, Third Party Advisory x_refsource_confirm
http://seclists.org/fulldisclosure/2017/Oct/70
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1039704
Scores
CVSS v3
9.8
EPSS
0.0205
EPSS Percentile
84.1%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-290
Status
published
Products (5)
dell/emc_unisphere
< 8.4.0.15
emc/solutions_enabler
< 8.4.0.15
emc/vasa
< 8.4.0.512
emc/vmax_emanagement
< 1.4
n/a/EMC VMAX Virtual Appliance (vApp) EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.15, EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.15, EMC VASA Virtual Appliance ve
EMC VMAX Virtual Appliance (vApp) EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.1
Published
Nov 01, 2017
Tracked Since
Feb 18, 2026