EMC ViPR SRM Multiple Security Vulnerabilities

EMC ViPR SRM is prone to the following security vulnerabilities:

1. An arbitrary file upload vulnerability
2. A cross-site scripting vulnerability
3. An HTML injection vulnerability
4. An authentication-bypass vulnerability

Exploiting these issues could allow an attacker to upload arbitrary files, run malicious HTML and script codes, steal cookie-based authentication credentials, bypass the authentication mechanism and perform unauthorized actions.

Versions prior to EMC ViPR SRM 3.7.2 are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus