Vulnerability Description
EMC ViPR SRM, EMC Storage M&R, EMC VNX M&R, EMC M&R for SAS Solution Packs (EMC ViPR SRM prior to 4.1, EMC Storage M&R prior to 4.1, EMC VNX M&R all versions, EMC M&R (Watch4Net) for SAS Solution Packs all versions) contain undocumented accounts with default passwords for Webservice Gateway and RMI JMX components. A remote attacker with the knowledge of the default password may potentially use these accounts to run arbitrary web service and remote procedure calls on the affected system.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dell | Emc M\&R | - |
| Dell | Emc Storage Monitoring And Reporting | 4.0.2 |
| Dell | Emc Vipr Srm | <= 4.0.2 |
| Dell | Emc Vnx Monitoring And Reporting | - |
Related Weaknesses (CWE)
References
- http://seclists.org/fulldisclosure/2017/Jul/21Mailing ListThird Party Advisory
- http://www.securityfocus.com/bid/99555Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1038905Third Party AdvisoryVDB Entry
- http://seclists.org/fulldisclosure/2017/Jul/21Mailing ListThird Party Advisory
- http://www.securityfocus.com/bid/99555Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1038905Third Party AdvisoryVDB Entry
FAQ
What is CVE-2017-8011?
CVE-2017-8011 is a vulnerability with a CVSS score of 9.8 (CRITICAL). EMC ViPR SRM, EMC Storage M&R, EMC VNX M&R, EMC M&R for SAS Solution Packs (EMC ViPR SRM prior to 4.1, EMC Storage M&R prior to 4.1, EMC VNX M&R all versions, EMC M&R (Watch4Net) for SAS Solution Pack...
How severe is CVE-2017-8011?
CVE-2017-8011 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2017-8011?
Check the references section above for vendor advisories and patch information. Affected products include: Dell Emc M\&R, Dell Emc Storage Monitoring And Reporting, Dell Emc Vipr Srm, Dell Emc Vnx Monitoring And Reporting.