CVE-2017-8003

medium

Description

EMC Data Protection Advisor prior to 6.4 contains a path traversal vulnerability. A remote authenticated high privileged user may potentially exploit this vulnerability to access unauthorized information from the underlying OS server by supplying specially crafted strings in input parameters of the application.

References

http://www.securitytracker.com/id/1038841

http://www.securityfocus.com/bid/99487

http://seclists.org/fulldisclosure/2017/Jul/12

Details

Source: Mitre, NVD

Published: 2017-07-09

Updated: 2017-07-17

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 4.9

Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Severity: Medium