Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:31822
HistoryMar 21, 2015 - 12:00 a.m.

Path traversal vulnerability in EMC M&R (Watch4net) MIB Browser

2015-03-2100:00:00
vulners.com
21

Path traversal vulnerability in EMC M&R (Watch4net) MIB Browser

Han Sahin, November 2014


Abstract

A path traversal vulnerability was found in EMC M&R (Watch4net) MIB
Browser. This vulnerability allows an attacker to access sensitive files
containing configuration data, passwords, database records, log data,
source code, and program scripts and binaries.


Affected products

EMC reports that the following products are affected by this
vulnerability:

  • EMC M&R (Watch4Net) versions prior 6.5u1
  • EMC ViPR SRM versions prior to 3.6.1

See also

  • CVE-2015-0516
  • ESA-2015-004: EMC M&R (Watch4Net) Multiple Vulnerabilities

Fix

EMC released the following updated versions that resolve this
vulnerability:

  • EMC M&R (Watch4Net) 6.5u1
  • EMC ViPR SRM 3.6.1

Registered customers can download upgraded software from support.emc.com
at https://support.emc.com/downloads/34247_ViPR-SRM.


Details

https://www.securify.nl/advisory/SFY20141105/path_traversal_vulnerability_in_emc_m_r__watch4net__mib_browser.html