← Back

CVE-2016-6646

nvd nist
Published: Oct 5, 2016Modified: May 6, 2026

JSON object

Loading...
9.8
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD

Description

The vApp Managers web application in EMC Unisphere for VMAX Virtual Appliance 8.x before 8.3.0 and Solutions Enabler Virtual Appliance 8.x before 8.3.0 allows remote attackers to execute arbitrary code via crafted input to the (1) GetSymmCmdRequest or (2) RemoteServiceHandler class.

Affected (10)

Dell
1 product
Emc Unisphere
Emc
2 products
Solutions Enabler
Unisphere
Configuration A
10 vulnerable
Vulnerable SoftwareAffected Versions
Dell
Emc Unisphere
Version 8.0
Emc Unisphere
Version 8.1.2
Emc Unisphere
Version 8.1
Emc Unisphere
Version 8.2
Emc
Solutions Enabler
Version 8.0.3
Solutions Enabler
Version 8.0
Solutions Enabler
Version 8.1.2
Solutions Enabler
Version 8.1
Solutions Enabler
Version 8.3
Unisphere
Version 8.0.3

Related CWEs

CWE-20
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (6)

Source: security_alert@emc.com
Third Party Advisory
Source: security_alert@emc.com
Source: security_alert@emc.com
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.