CVE-2012-0406

CVE-2012-0406 · HIGH Severity

AV:N/AC:L/AU:N/C:N/I:N/A:C

The DPA_Utilities.cProcessAuthenticationData function in EMC Data Protection Advisor (DPA) 5.5 through 5.8 SP1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an AUTHENTICATECONNECTION command that (1) lacks a password field or (2) has an empty password.

Learn more about our Web Application Penetration Testing UK.