PT-2015-4678 · Emc · Emc M&R+1

Published

2015-01-21

Updated

2017-01-03

CVE-2015-0513

CVSS v2.0

3.5

Low

Vector

AV:N/AC:M/Au:S/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions EMC M&R (aka Watch4Net) versions prior to 6.5u1 ViPR SRM versions prior to 3.6.1

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities in the administrative user interface. These vulnerabilities allow remote authenticated users with privileged access to inject arbitrary web script or HTML by setting crafted values of unspecified fields.

Recommendations For EMC M&R (aka Watch4Net) versions prior to 6.5u1, update to version 6.5u1 or later. For ViPR SRM versions prior to 3.6.1, update to version 3.6.1 or later.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2015-0513

Affected Products

Emc M&R

Vipr Srm

PT-2015-4678 · Emc · Emc M&R+1

CVE-2015-0513

Weakness Enumeration

Related Identifiers

Affected Products

References · 4