CVE-2017-8022

Published Oct 18, 2017

Last updated 7 years ago

CVSS high 8.1

Overview

Description: An issue was discovered in EMC NetWorker (prior to 8.2.4.9, all supported 9.0.x versions, prior to 9.1.1.3, prior to 9.2.0.4). The Server service (nsrd) is affected by a buffer overflow vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to execute arbitrary code on vulnerable installations of the software, or cause a denial of service, depending on the target system's platform.
Source: security_alert@emc.com
NVD status: Analyzed

Risk scores

CVSS 3.0

Type: Primary
Base score: 8.1
Impact score: 5.9
Exploitability score: 2.2
Vector string: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 6.8
Impact score: 6.4
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-119

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:emc:networker:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "504CDC85-F6DE-4995-B19E-4E29D0B004A0",
            "versionEndIncluding": "8.2.4.8"
          },
          {
            "criteria": "cpe:2.3:a:emc:networker:9.0.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "320CDE7C-254C-465E-AB1C-EB2705098A24"
          },
          {
            "criteria": "cpe:2.3:a:emc:networker:9.0.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "973EACF3-9A27-4384-A32B-AF3C94E2C016"
          },
          {
            "criteria": "cpe:2.3:a:emc:networker:9.0.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "69A694E8-43C7-4521-BB4F-69874553F495"
          },
          {
            "criteria": "cpe:2.3:a:emc:networker:9.0.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D8D29803-7F5B-4A55-AE34-B77B49AAB3FC"
          },
          {
            "criteria": "cpe:2.3:a:emc:networker:9.0.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "643079B8-7074-40DB-A8CC-D15E8408E34E"
          },
          {
            "criteria": "cpe:2.3:a:emc:networker:9.0.0.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B4282310-F646-485D-82F3-26D5F545A999"
          },
          {
            "criteria": "cpe:2.3:a:emc:networker:9.0.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "922E6EAD-B2EE-4593-8B92-0496FFB7E40F"
          },
          {
            "criteria": "cpe:2.3:a:emc:networker:9.0.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CB3193D3-5B8F-4D6B-9904-29F231D48574"
          },
          {
            "criteria": "cpe:2.3:a:emc:networker:9.0.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BB6F04FD-B8B7-4A44-B0F1-F6E999E66937"
          },
          {
            "criteria": "cpe:2.3:a:emc:networker:9.0.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0F604839-43F3-4F85-B45E-EE63924E1A9F"
          },
          {
            "criteria": "cpe:2.3:a:emc:networker:9.0.1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "38C00A1A-2E11-45D7-9E83-D64F24F81299"
          },
          {
            "criteria": "cpe:2.3:a:emc:networker:9.0.1.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E6DF1A99-B5D8-46C4-A291-D3CB55A95E10"
          },
          {
            "criteria": "cpe:2.3:a:emc:networker:9.0.1.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "80A9C4B4-CE28-45A8-93DD-9CD833082237"
          },
          {
            "criteria": "cpe:2.3:a:emc:networker:9.0.1.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C648EF3C-1C68-4A6E-A9F4-C0EE10FDE9F3"
          },
          {
            "criteria": "cpe:2.3:a:emc:networker:9.0.1.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E715F74F-EEE5-45AB-B7D0-FEBB23F029CE"
          },
          {
            "criteria": "cpe:2.3:a:emc:networker:9.1.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E2870EA3-D157-4584-9052-D8BD84FBFB45"
          },
          {
            "criteria": "cpe:2.3:a:emc:networker:9.1.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A9BAC60D-694D-4D82-B8F8-3E12F7B54DB1"
          },
          {
            "criteria": "cpe:2.3:a:emc:networker:9.1.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1740DEF3-E880-4D0A-8FB3-919108AC79CB"
          },
          {
            "criteria": "cpe:2.3:a:emc:networker:9.1.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A3DF4BA6-AD34-48E2-80ED-1FD60ABD41C2"
          },
          {
            "criteria": "cpe:2.3:a:emc:networker:9.1.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3AA35C1C-42F8-4DDF-B946-23BB751E8BBD"
          },
          {
            "criteria": "cpe:2.3:a:emc:networker:9.1.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "03FF8B7F-4E88-4903-87BC-9381BE7753A0"
          },
          {
            "criteria": "cpe:2.3:a:emc:networker:9.2.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B01B7004-6EC2-4D97-B416-9F878C8BBB33"
          },
          {
            "criteria": "cpe:2.3:a:emc:networker:9.2.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3C26184C-AC7A-4B13-8774-8F5385D3487A"
          },
          {
            "criteria": "cpe:2.3:a:emc:networker:9.2.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "91E05EA1-EBD2-4A56-A0DF-670442FCDD2F"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References