) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:emc:networker:7.6.0.9:*:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2017-8022 |
An issue was discovered in EMC NetWorker (prior to 8.2.4.9, all supported 9.0.x versions, prior to 9.1.1.3, prior to 9.2.0.4). The Server service (nsrd) is affected by a buffer overflow vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to execute arbitrary code on vulnerable installations of the software, or cause a denial of service, depending on the target system's platform. Published: October 18, 2017; 11:29:00 AM -0400 |
V3.0: 8.1 HIGH V2.0: 6.8 MEDIUM |
| CVE-2015-0530 |
Buffer overflow in an unspecified function in nsr_render_log in EMC NetWorker before 8.0.4.3, 8.1.x before 8.1.2.6, and 8.2.x before 8.2.1.2 allows local users to gain privileges via unknown vectors. Published: April 16, 2015; 9:59:24 PM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
| CVE-2014-4620 |
The EMC NetWorker Module for MEDITECH (aka NMMEDI) 3.0 build 87 through 90, when EMC RecoverPoint and Plink are used, stores cleartext RecoverPoint Appliance credentials in nsrmedisv.raw log files, which allows local users to obtain sensitive information by reading these files. Published: October 25, 2014; 6:55:06 AM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
| CVE-2013-0943 |
EMC NetWorker 7.6.x and 8.x before 8.1 allows local users to obtain sensitive configuration information by leveraging operating-system privileges to perform decryption with nsradmin. Published: July 31, 2013; 9:20:24 AM -0400 |
V3.x:(not available) V2.0: 4.6 MEDIUM |
| CVE-2013-0940 |
The nsrpush process in the client in EMC NetWorker before 7.6.5.3 and 8.x before 8.0.1.4 sets weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors. Published: May 03, 2013; 7:57:41 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
| CVE-2012-4607 |
Buffer overflow in nsrindexd in EMC NetWorker 7.5.x and 7.6.x before 7.6.5, and 8.x before 8.0.0.6, allows remote attackers to execute arbitrary code via crafted SunRPC data. Published: January 17, 2013; 5:55:00 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
| CVE-2012-0395 |
Buffer overflow in the server in EMC NetWorker 7.5.x and 7.6.x before 7.6.3 SP1 Cumulative Release build 851 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via unspecified vectors. Published: January 26, 2012; 7:55:01 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
| CVE-2011-1421 |
EMC NetWorker 7.5.x before 7.5.4.3 and 7.6.x before 7.6.1.5, when the client push feature is enabled, uses weak permissions for an unspecified file, which allows local users to gain privileges via unknown vectors. Published: April 22, 2011; 6:55:02 AM -0400 |
V3.x:(not available) V2.0: 6.9 MEDIUM |
| CVE-2011-0321 |
librpc.dll in nsrexecd in EMC NetWorker before 7.5 SP4, 7.5.3.x before 7.5.3.5, and 7.6.x before 7.6.1.2 does not properly mitigate the possibility of a spoofed localhost source IP address, which allows remote attackers to (1) register or (2) unregister RPC services, and consequently cause a denial of service or obtain sensitive information from interprocess communication, via crafted UDP packets containing service commands. Published: February 01, 2011; 1:00:03 PM -0500 |
V3.x:(not available) V2.0: 6.4 MEDIUM |