Описание
The DPA_Utilities.cProcessAuthenticationData function in EMC Data Protection Advisor (DPA) 5.5 through 5.8 SP1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an AUTHENTICATECONNECTION command that (1) lacks a password field or (2) has an empty password.
Ссылки
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:emc:data_protection_advisor:5.5:*:*:*:*:*:*:*
cpe:2.3:a:emc:data_protection_advisor:5.5:sp1:*:*:*:*:*:*
cpe:2.3:a:emc:data_protection_advisor:5.6:*:*:*:*:*:*:*
cpe:2.3:a:emc:data_protection_advisor:5.6:sp1:*:*:*:*:*:*
cpe:2.3:a:emc:data_protection_advisor:5.7:*:*:*:*:*:*:*
cpe:2.3:a:emc:data_protection_advisor:5.7:sp1:*:*:*:*:*:*
cpe:2.3:a:emc:data_protection_advisor:5.8:*:*:*:*:*:*:*
cpe:2.3:a:emc:data_protection_advisor:5.8:sp1:*:*:*:*:*:*
EPSS
Процентиль: 94%
0.14529
Средний
7.8 High
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
почти 4 года назад
The DPA_Utilities.cProcessAuthenticationData function in EMC Data Protection Advisor (DPA) 5.5 through 5.8 SP1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an AUTHENTICATECONNECTION command that (1) lacks a password field or (2) has an empty password.
EPSS
Процентиль: 94%
0.14529
Средний
7.8 High
CVSS2
Дефекты
CWE-264