CVE-2017-8011

Summary

EMC ViPR SRM, EMC Storage M&R, EMC VNX M&R, EMC M&R for SAS Solution Packs (EMC ViPR SRM prior to 4.1, EMC Storage M&R prior to 4.1, EMC VNX M&R all versions, EMC M&R (Watch4Net) for SAS Solution Packs all versions) contain undocumented accounts with default passwords for Webservice Gateway and RMI JMX components. A remote attacker with the knowledge of the default password may potentially use these accounts to run arbitrary web service and remote procedure calls on the affected system.

Affected Software

VendorProductVersion RangeStatus
n/aEMC ViPR SRM, EMC Storage M&R, EMC VNX M&R, EMC M&R (Watch4Net)EMC ViPR SRM, EMC Storage M&R, EMC VNX M&R, EMC M&R (Watch4Net)affected

Weaknesses

  • undocumented accounts vulnerability

ADP Enrichment

CVE Program Container

Additional References

References