CVE-2016-6645
Summary
| CVE | CVE-2016-6645 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2016-10-05 01:59:00 UTC |
| Updated | 2021-08-05 14:46:00 UTC |
| Description | The vApp Managers web application in EMC Unisphere for VMAX Virtual Appliance 8.x before 8.3.0 and Solutions Enabler Virtual Appliance 8.x before 8.3.0 allows remote authenticated users to execute arbitrary code via crafted input to the (1) GeneralCmdRequest, (2) PersistantDataRequest, or (3) GetCommandExecRequest class. |
Risk And Classification
Problem Types: CWE-20
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Dell | Emc Unisphere | 8.0 | All | All | All |
| Application | Dell | Emc Unisphere | 8.1 | All | All | All |
| Application | Dell | Emc Unisphere | 8.1.2 | All | All | All |
| Application | Dell | Emc Unisphere | 8.2 | All | All | All |
| Application | Emc | Solutions Enabler | 8.0 | All | All | All |
| Application | Emc | Solutions Enabler | 8.0.3 | All | All | All |
| Application | Emc | Solutions Enabler | 8.1 | All | All | All |
| Application | Emc | Solutions Enabler | 8.1.2 | All | All | All |
| Application | Emc | Solutions Enabler | 8.2 | All | All | All |
| Application | Emc | Solutions Enabler | 8.0 | All | All | All |
| Application | Emc | Solutions Enabler | 8.0.3 | All | All | All |
| Application | Emc | Solutions Enabler | 8.1 | All | All | All |
| Application | Emc | Solutions Enabler | 8.1.2 | All | All | All |
| Application | Emc | Solutions Enabler | 8.2 | All | All | All |
| Application | Emc | Unisphere | 8.0 | All | All | All |
| Application | Emc | Unisphere | 8.0.3 | All | All | All |
| Application | Emc | Unisphere | 8.1 | All | All | All |
| Application | Emc | Unisphere | 8.1.2 | All | All | All |
| Application | Emc | Unisphere | 8.2 | All | All | All |
| Application | Emc | Unisphere | 8.0 | All | All | All |
| Application | Emc | Unisphere | 8.0.3 | All | All | All |
| Application | Emc | Unisphere | 8.1 | All | All | All |
| Application | Emc | Unisphere | 8.1.2 | All | All | All |
| Application | Emc | Unisphere | 8.2 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Dell EMC vApp Manager Multiple Arbitrary Command Execution Vulnerabilities | BID | www.securityfocus.com | |
| Bugtraq: ESA-2016-121: EMC Unisphere for VMAX and Solutions Enabler Virtual Appliances Multiple Vulnerabilities | BUGTRAQ | seclists.org | Third Party Advisory |
| EMC Unisphere for VMAX Input Validation Flaws in vApp Manager Let Remote Users Execute Arbitrary Code - SecurityTracker | SECTRACK | www.securitytracker.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.