Main Vulnerability Database SB2017062002

SB2017062002 - Authentication bypass in EMC Secure Remote Services

Published: June 20, 2017

Security Bulletin ID SB2017062002

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Information disclosure

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Authentication bypass (CVE-ID: CVE-2017-4986)

The vulnerability allows a remote unauthenticated attacker to bypass authentication on the target system.

The weakness exists due to unsafe authentication mechanism. A remote attacker can bypass authentication and potentially read sensitive log data containing usernames and IP addresses.

Successful exploitation of the vulnerability may result in information disclosure.

Remediation

Install update from vendor's website.

References

http://www.securityfocus.com/archive/1/540721/30/0/threaded