CVE-2017-14375

Published: Nov 1, 2017Modified: May 13, 2026

9.8

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

EMC Unisphere for VMAX Virtual Appliance (vApp) versions prior to 8.4.0.15, EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.15, EMC VASA Virtual Appliance versions prior to 8.4.0.512, and EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4 (Enginuity Release 5977.1125.1125 and earlier) contain an authentication bypass vulnerability that may potentially be exploited by malicious users to compromise the affected system.

Affected (4)

Products: Dell: Emc Unisphere · Emc: Solutions Enabler, Vasa, Vmax Emanagement

1 product

3 products

Solutions Enabler

Vmax Emanagement

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Dell Emc Unisphere	Before 8.4.0.15
Emc Solutions Enabler	Before 8.4.0.15
Emc Vasa	Before 8.4.0.512
Emc Vmax Emanagement	Up to 1.4

Related CWEs

Authentication Bypass by Spoofing

This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.

References (6)

http://seclists.org/fulldisclosure/2017/Oct/70

Source: security_alert@emc.com

Mailing ListThird Party Advisory

http://www.securityfocus.com/bid/101673

Source: security_alert@emc.com

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1039704

Source: security_alert@emc.com

Third Party AdvisoryVDB Entry

http://seclists.org/fulldisclosure/2017/Oct/70

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://www.securityfocus.com/bid/101673

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1039704

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

Timeline

No history available yet.