CVE-2016-0889

Name of the Vulnerable Software and Affected Versions EMC Unisphere for VMAX Virtual Appliance versions prior to 8.2.0

Description The issue is related to an HTTP servlet in the vApp Manager component, which lacks sufficient input validation. This allows remote attackers to modify arbitrary files by providing a specially crafted pathname.

Recommendations For versions prior to 8.2.0, update to version 8.2.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the vApp Manager component to minimize the risk of exploitation.