CVE-2016-6650

Published: Mar 21, 2017Modified: May 13, 2026

7.5

Vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 1.6 / Impact: 5.9

Source: NVD

Description

EMC RecoverPoint versions prior to 5.0 and EMC RecoverPoint for Virtual Machines versions prior to 5.0 have an SSL Stripping Vulnerability that may potentially be exploited by malicious users to compromise the affected system.

Affected (2)

Products: Emc: Recoverpoint, Recoverpoint For Virtual Machines

Emc

2 products

Recoverpoint

Recoverpoint For Virtual Machines

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Emc Recoverpoint	Up to 4.4.1.1
Emc Recoverpoint For Virtual Machines	Up to 4.4.1.1

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (6)

http://www.securityfocus.com/archive/1/540303/30/0/threaded

Source: security_alert@emc.com

MitigationThird Party AdvisoryVDB Entry

http://www.securityfocus.com/bid/96156

Source: security_alert@emc.com

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1038066

Source: security_alert@emc.com

http://www.securityfocus.com/archive/1/540303/30/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

MitigationThird Party AdvisoryVDB Entry

http://www.securityfocus.com/bid/96156

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1038066

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.