CVE-2017-8003
MEDIUMEMC Data Protection Advisor < 6.4 - Authenticated Path Traversal
Title source: llmDescription
EMC Data Protection Advisor prior to 6.4 contains a path traversal vulnerability. A remote authenticated high privileged user may potentially exploit this vulnerability to access unauthorized information from the underlying OS server by supplying specially crafted strings in input parameters of the application.
References (3)
Core 3
Core References
Mailing List, Third Party Advisory x_refsource_confirm
http://seclists.org/fulldisclosure/2017/Jul/12
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1038841
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/99487
Scores
CVSS v3
4.9
EPSS
0.0069
EPSS Percentile
72.1%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-22
Status
published
Products (2)
emc/data_protection_advisor
< 6.3
n/a/EMC Data Protection Advisor prior to 6.4
EMC Data Protection Advisor prior to 6.4
Published
Jul 09, 2017
Tracked Since
Feb 18, 2026