Description

Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.1.0.0.5.394 contain a plain-text password storage vulnerability. A local malicious user with high privileges may use the exposed password to gain access with the privileges of the compromised user.

Related CPE's

a

dell

emc_unity_operating_environment

Vulnerable

a

dell

emc_unity_xt_operating_environment

Vulnerable

a

dell

emc_unityvsa_operating_environment

Vulnerable

References

https://www.dell.com/support/kbdoc/000189204

Vendor Advisory

https://www.dell.com/support/kbdoc/000189204

Vendor Advisory

Weaknesses

[email protected]

Secondary
CWE-200

[email protected]

Primary
CWE-522

CVSS impact metrics

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

6.4 · Medium

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2021-07-12T14:15:08.763Z

4 years ago

Last modified

2024-11-21T04:48:39.630Z

1 year ago