#VU7523 Security restrictions bypass in EMC ViPR SRM - CVE-2017-8011
Published: July 14, 2017
Vulnerability identifier: #VU7523
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2017-8011
CWE-ID: CWE-264
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
EMC ViPR SRM
EMC ViPR SRM
Software vendor:
Dell
Dell
Description
The vulnerability allows a remote attacker to gain access to the target system.
The weakness exist due to use of undocumented accounts with default passwords for Webservice Gateway and RMI JMX components. A remote attacker can gain access to the system to run arbitrary web service and remote procedure calls.
Successful exploitation of the vulnerability may result in system compromise.
The weakness exist due to use of undocumented accounts with default passwords for Webservice Gateway and RMI JMX components. A remote attacker can gain access to the system to run arbitrary web service and remote procedure calls.
Successful exploitation of the vulnerability may result in system compromise.