Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2017-8022

An issue was discovered in EMC NetWorker (prior to 8.2.4.9, all supported 9.0.x versions, prior to 9.1.1.3, prior to 9.2.0.4). The Server service (nsrd) is affected by a buffer overflow vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to execute arbitrary code on vulnerable installations of the software, or cause a denial of service, depending on the target system's platform.

Published

2017-10-18T15:29:00.737

Last Modified

2025-04-20T01:37:25.860

Status

Deferred

Source

[email protected]

Severity

CVSSv3.0: 8.1 (HIGH)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

  • Access Vector: NETWORK
  • Access Complexity: MEDIUM
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: PARTIAL
  • Availability Impact: PARTIAL
Exploitability Score

8.6

Impact Score

6.4

Weaknesses
  • Type: Primary
    CWE-119
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application emc networker ≤ 8.2.4.8 Yes
Application emc networker 9.0.0.3 Yes
Application emc networker 9.0.0.4 Yes
Application emc networker 9.0.0.5 Yes
Application emc networker 9.0.0.6 Yes
Application emc networker 9.0.0.7 Yes
Application emc networker 9.0.0.8 Yes
Application emc networker 9.0.1.1 Yes
Application emc networker 9.0.1.2 Yes
Application emc networker 9.0.1.3 Yes
Application emc networker 9.0.1.4 Yes
Application emc networker 9.0.1.5 Yes
Application emc networker 9.0.1.6 Yes
Application emc networker 9.0.1.7 Yes
Application emc networker 9.0.1.8 Yes
Application emc networker 9.0.1.9 Yes
Application emc networker 9.1.0.3 Yes
Application emc networker 9.1.0.4 Yes
Application emc networker 9.1.0.5 Yes
Application emc networker 9.1.0.6 Yes
Application emc networker 9.1.1.1 Yes
Application emc networker 9.1.1.2 Yes
Application emc networker 9.2.0.1 Yes
Application emc networker 9.2.0.2 Yes
Application emc networker 9.2.0.3 Yes
References