CVE-2011-0647

The irccd.exe service in EMC Replication Manager Client before 5.3 and NetWorker Module for Microsoft Applications 2.1.x and 2.2.x allows remote attackers to execute arbitrary commands via the RunProgram function to TCP port 6542.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://osvdb.org/70853
http://secunia.com/advisories/43164	Vendor Advisory
http://www.securityfocus.com/archive/1/516260
http://www.securityfocus.com/archive/1/516282/100/0/threaded
http://www.securityfocus.com/bid/46235
http://www.vupen.com/english/advisories/2011/0304	Vendor Advisory
http://www.zerodayinitiative.com/advisories/ZDI-11-061/
https://exchange.xforce.ibmcloud.com/vulnerabilities/65205
http://osvdb.org/70853
http://secunia.com/advisories/43164	Vendor Advisory
http://www.securityfocus.com/archive/1/516260
http://www.securityfocus.com/archive/1/516282/100/0/threaded
http://www.securityfocus.com/bid/46235
http://www.vupen.com/english/advisories/2011/0304	Vendor Advisory
http://www.zerodayinitiative.com/advisories/ZDI-11-061/
https://exchange.xforce.ibmcloud.com/vulnerabilities/65205

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:emc:replication_manager:::client:::::*
	cpe:2.3:a:emc:replication_manager:2.0::client:::::
	cpe:2.3:a:emc:replication_manager:5.2::client:::::
	cpe:2.3:a:emc:replication_manager:5.2.2::client:::::

Configuration 2 (hide)

OR	cpe:2.3:a:emc:networker_module:2.1:-:microsoft_applications:::::*
	cpe:2.3:a:emc:networker_module:2.2:-:microsoft_applications:::::*

History

21 Nov 2024, 01:24

Type	Values Removed	Values Added
References	~~() http://osvdb.org/70853 -~~	() http://osvdb.org/70853 -
References	~~() http://secunia.com/advisories/43164 - Vendor Advisory~~	() http://secunia.com/advisories/43164 - Vendor Advisory
References	~~() http://www.securityfocus.com/archive/1/516260 -~~	() http://www.securityfocus.com/archive/1/516260 -
References	~~() http://www.securityfocus.com/archive/1/516282/100/0/threaded -~~	() http://www.securityfocus.com/archive/1/516282/100/0/threaded -
References	~~() http://www.securityfocus.com/bid/46235 -~~	() http://www.securityfocus.com/bid/46235 -
References	~~() http://www.vupen.com/english/advisories/2011/0304 - Vendor Advisory~~	() http://www.vupen.com/english/advisories/2011/0304 - Vendor Advisory
References	~~() http://www.zerodayinitiative.com/advisories/ZDI-11-061/ -~~	() http://www.zerodayinitiative.com/advisories/ZDI-11-061/ -
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/65205 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/65205 -

Information

Published : 2011-02-10 18:00

Updated : 2025-04-11 00:51

NVD link : CVE-2011-0647

Mitre link : CVE-2011-0647

CVE.ORG link : CVE-2011-0647

JSON object : View

Products Affected

emc

networker_module
replication_manager

CWE

CWE-20

Improper Input Validation

{"id": "CVE-2011-0647", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2011-02-10T18:00:59.083", "references": [{"url": "http://osvdb.org/70853", "source": "security_alert@emc.com"}, {"url": "http://secunia.com/advisories/43164", "tags": ["Vendor Advisory"], "source": "security_alert@emc.com"}, {"url": "http://www.securityfocus.com/archive/1/516260", "source": "security_alert@emc.com"}, {"url": "http://www.securityfocus.com/archive/1/516282/100/0/threaded", "source": "security_alert@emc.com"}, {"url": "http://www.securityfocus.com/bid/46235", "source": "security_alert@emc.com"}, {"url": "http://www.vupen.com/english/advisories/2011/0304", "tags": ["Vendor Advisory"], "source": "security_alert@emc.com"}, {"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-061/", "source": "security_alert@emc.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65205", "source": "security_alert@emc.com"}, {"url": "http://osvdb.org/70853", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/43164", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/516260", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/516282/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/46235", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2011/0304", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-061/", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65205", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "The irccd.exe service in EMC Replication Manager Client before 5.3 and NetWorker Module for Microsoft Applications 2.1.x and 2.2.x allows remote attackers to execute arbitrary commands via the RunProgram function to TCP port 6542."}, {"lang": "es", "value": "El servicio irccd.exe en EMC Replication Manager Client anterior de v5.3 y NetWorker Module para Microsoft Applications v2.1.x y v2.2.x permite a atacantes remotos ejecutar comandos de su elecci\u00f3n a trav\u00e9s de la funci\u00f3n RunProgram al puerto TCP 6542."}], "lastModified": "2025-04-11T00:51:21.963", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:emc:replication_manager:*:*:client:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DC7703AF-CF4C-4DBA-8538-E4839054A443", "versionEndIncluding": "5.2.3"}, {"criteria": "cpe:2.3:a:emc:replication_manager:2.0:*:client:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E73C5C32-9C5B-451A-80E0-D716CD21713C"}, {"criteria": "cpe:2.3:a:emc:replication_manager:5.2:*:client:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "328ADEA6-6E22-492C-8309-9622455AEBCA"}, {"criteria": "cpe:2.3:a:emc:replication_manager:5.2.2:*:client:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4FA3660A-D710-4E74-9160-E97BE6B63BC2"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:emc:networker_module:2.1:-:microsoft_applications:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8F906A50-FC68-4807-BF0E-880E5DDD698B"}, {"criteria": "cpe:2.3:a:emc:networker_module:2.2:-:microsoft_applications:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6CB14856-A203-466A-9F9E-DF9470A74EC7"}], "operator": "OR"}]}], "sourceIdentifier": "security_alert@emc.com"}

10.0 /10