CVE-2017-4997

Published: Jun 29, 2017Modified: May 13, 2026

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

EMC VASA Provider Virtual Appliance versions 8.3.x and prior has an unauthenticated remote code execution vulnerability that could potentially be exploited by malicious users to compromise the affected system.

Affected (1)

Products: Dell: Emc Vasa Provider Virtual Appliance

Dell

1 product

Emc Vasa Provider Virtual Appliance

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Dell Emc Vasa Provider Virtual Appliance	Up to 8.3.0

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (4)

http://www.securityfocus.com/archive/1/540783/30/0/threaded

Source: security_alert@emc.com

Third Party AdvisoryVDB Entry

http://www.securityfocus.com/bid/99169

Source: security_alert@emc.com

Third Party AdvisoryVDB Entry

http://www.securityfocus.com/archive/1/540783/30/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://www.securityfocus.com/bid/99169

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

Timeline

No history available yet.