|Number of vulnerabilities||1|
|CVE ID|| CVE-2017-14375
|CWE ID|| CWE-284
|Public exploit||Not available|
|Vulnerable software versions||
EMC Unisphere 8.4
EMC Unisphere 8.3
EMC Unisphere 8.2
|Vendor URL||EMC Corporation|
The vulnerability allows a remote attacker to gain access to the target system.
The weakness exists due to improper access controls. A remote attacker can supply specially crafted AMF messages to the target vApp Manager servlet, bypass authentication and create new user accounts with administrative privileges.
Successful exploitation of the vulnerability may result in system compromise.
Update EMC Unisphere to version 22.214.171.124 or 126.96.36.199.External links