Security restrictions bypass in EMC ViPR SRM - CVE-2017-8011
Published: July 14, 2017
Vulnerability identifier: #VU7523
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2017-8011
CWE-ID: CWE-264
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Dell
Affected software:
EMC ViPR SRM
EMC ViPR SRM
Detailed vulnerability description
The vulnerability allows a remote attacker to gain access to the target system.
The weakness exist due to use of undocumented accounts with default passwords for Webservice Gateway and RMI JMX components. A remote attacker can gain access to the system to run arbitrary web service and remote procedure calls.
Successful exploitation of the vulnerability may result in system compromise.
The weakness exist due to use of undocumented accounts with default passwords for Webservice Gateway and RMI JMX components. A remote attacker can gain access to the system to run arbitrary web service and remote procedure calls.
Successful exploitation of the vulnerability may result in system compromise.