PT-2019-8606 · Emc · Emc Networker

Published

2019-04-01

Updated

2019-04-04

CVE-2017-8023

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions EMC NetWorker (affected versions not specified)

Description The issue concerns an unauthenticated remote code execution in the Networker Client execution service (nsrexecd) when the oldauth authentication method is used. An unauthenticated remote attacker could send arbitrary commands via the RPC service to be executed on the host system with the privileges of the nsrexecd service, which runs with administrative privileges.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

CVE-2017-8023

Affected Products

Emc Networker

PT-2019-8606 · Emc · Emc Networker

CVE-2017-8023

Weakness Enumeration

Related Identifiers

Affected Products

References · 4