Skip to main content

Cloud Tiering Appliance

3 CVEs product

Monthly

CVE-2014-0645 MEDIUM This Month

EMC Cloud Tiering Appliance (CTA) 9.x through 10 SP1 and File Management Appliance (FMA) 7.x store DES password hashes for the root, super, and admin accounts, which makes it easier for. Rated medium severity (CVSS 4.7). No vendor patch available.

Authentication Bypass Cloud Tiering Appliance Software Cloud Tiering Appliance File Management Appliance Software File Management Appliance
NVD GitHub VulDB
CVSS 2.0
4.7
EPSS
0.1%
CVE-2014-0644 HIGH POC THREAT Act Now

EMC Cloud Tiering Appliance (CTA) 10 through SP1 allows remote attackers to read arbitrary files via an api/login request containing an XML external entity declaration in conjunction with an entity. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 74.0%.

XXE Information Disclosure Cloud Tiering Appliance Software Cloud Tiering Appliance
NVD GitHub Exploit-DB VulDB
CVSS 2.0
7.8
EPSS
74.0%
Threat
5.3
CVE-2012-2285 MEDIUM This Month

EMC Cloud Tiering Appliance (aka CTA, formerly FMA) 9.0 and earlier, and Cloud Tiering Appliance Virtual Edition (CTA/VE) 9.0 and earlier, allows remote attackers to obtain GUI administrative access. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Cloud Tiering Appliance Virtual Edition Cloud Tiering Appliance
NVD
CVSS 2.0
6.8
EPSS
0.6%
EPSS 0% CVSS 4.7
MEDIUM This Month

EMC Cloud Tiering Appliance (CTA) 9.x through 10 SP1 and File Management Appliance (FMA) 7.x store DES password hashes for the root, super, and admin accounts, which makes it easier for. Rated medium severity (CVSS 4.7). No vendor patch available.

Authentication Bypass Cloud Tiering Appliance Software Cloud Tiering Appliance +2
NVD GitHub VulDB
EPSS 74% 5.3 CVSS 7.8
HIGH POC THREAT Act Now

EMC Cloud Tiering Appliance (CTA) 10 through SP1 allows remote attackers to read arbitrary files via an api/login request containing an XML external entity declaration in conjunction with an entity. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 74.0%.

XXE Information Disclosure Cloud Tiering Appliance Software +1
NVD GitHub Exploit-DB VulDB
EPSS 1% CVSS 6.8
MEDIUM This Month

EMC Cloud Tiering Appliance (aka CTA, formerly FMA) 9.0 and earlier, and Cloud Tiering Appliance Virtual Edition (CTA/VE) 9.0 and earlier, allows remote attackers to obtain GUI administrative access. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Cloud Tiering Appliance Virtual Edition Cloud Tiering Appliance
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy