PT-2016-7019 · Emc · Emc Unisphere For Vmax Virtual Appliance+1

Published

2016-10-05

Updated

2021-08-05

CVE-2016-6646

CVSS v3.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions EMC Unisphere for VMAX Virtual Appliance versions 8.0 through 8.2 Solutions Enabler Virtual Appliance versions 8.0 through 8.2

Description The issue allows remote attackers to execute arbitrary code via crafted input to the (1) GetSymmCmdRequest or (2) RemoteServiceHandler class in the vApp Managers web application.

Recommendations For EMC Unisphere for VMAX Virtual Appliance versions 8.0 through 8.2, update to version 8.3.0 or later. For Solutions Enabler Virtual Appliance versions 8.0 through 8.2, update to version 8.3.0 or later.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2016-6646

Affected Products

Emc Unisphere For Vmax Virtual Appliance

Solutions Enabler Virtual Appliance

PT-2016-7019 · Emc · Emc Unisphere For Vmax Virtual Appliance+1

CVE-2016-6646

Weakness Enumeration

Related Identifiers

Affected Products

References · 5