Secure Remote Services

secure_remote_services

Vendor: Emc • 8 CVEs

CVEs (8)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2018-11080 1Emc 1Secure Remote Services Nov 21, 2024 Oct 18, 2018 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Dell EMC Secure Remote Services, versions prior to 3.32.00.08, contains Improper File Permission Vulnerabilities. The application contains multiple configuration files with world-readable permissions that could allow an...Show more Dell EMC Secure Remote Services, versions prior to 3.32.00.08, contains Improper File Permission Vulnerabilities. The application contains multiple configuration files with world-readable permissions that could allow an authenticated malicious user to utilize the file contents to potentially elevate their privileges.Show less
CVE-2018-11079 1Emc 1Secure Remote Services Nov 21, 2024 Oct 18, 2018 N/A· v4 7.8 HIGH· v3 2.1 LOW· v2 Dell EMC Secure Remote Services, versions prior to 3.32.00.08, contains a Plaintext Password Storage vulnerability. Database credentials are stored in plaintext in a configuration file. An authenticated malicious user wi...Show more Dell EMC Secure Remote Services, versions prior to 3.32.00.08, contains a Plaintext Password Storage vulnerability. Database credentials are stored in plaintext in a configuration file. An authenticated malicious user with access to the configuration file may obtain the exposed password to gain access to the application database.Show less
CVE-2017-4986 1Emc 1Secure Remote Services May 13, 2026 Jun 14, 2017 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 EMC ESRS VE 3.18 or earlier contains Authentication Bypass that could potentially be exploited by malicious users to compromise the affected system.
CVE-2015-6852 1Emc 1Secure Remote Services May 6, 2026 Dec 28, 2015 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 Directory traversal vulnerability in the API in EMC Secure Remote Services Virtual Edition 3.x before 3.10 allows remote authenticated users to read log files via a crafted parameter.
CVE-2015-0544 1Emc 1Secure Remote Services May 6, 2026 Jul 5, 2015 N/A· v4 N/A· v3 9.3 HIGH· v2 EMC Secure Remote Services Virtual Edition (ESRS VE) 3.x before 3.06 does not properly generate random values for session cookies, which makes it easier for remote attackers to hijack sessions by predicting a value.
CVE-2015-0543 1Emc 1Secure Remote Services May 6, 2026 Jul 5, 2015 N/A· v4 N/A· v3 5.8 MEDIUM· v2 EMC Secure Remote Services Virtual Edition (ESRS VE) 3.x before 3.06 does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive informatio...Show more EMC Secure Remote Services Virtual Edition (ESRS VE) 3.x before 3.06 does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.Show less
CVE-2015-0525 1Emc 1Secure Remote Services May 6, 2026 Mar 12, 2015 N/A· v4 N/A· v3 7.5 HIGH· v2 The Gateway Provisioning service in EMC Secure Remote Services Virtual Edition (ESRS VE) 3.02 and 3.03 allows remote attackers to execute arbitrary OS commands via unspecified vectors.
CVE-2015-0524 1Emc 1Secure Remote Services May 6, 2026 Mar 12, 2015 N/A· v4 N/A· v3 7.5 HIGH· v2 SQL injection vulnerability in the Gateway Provisioning service in EMC Secure Remote Services Virtual Edition (ESRS VE) 3.02 and 3.03 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.