exploitDog

CVE-2015-0529

Опубликовано: 05 апр. 2015

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

EMC PowerPath Virtual Appliance (aka vApp) before 2.0 has default passwords for the (1) emcupdate and (2) svcuser accounts, which makes it easier for remote attackers to obtain potentially sensitive information via a login session.

Ссылки

http://packetstormsecurity.com/files/131250/EMC-PowerPath-Virtual-Appliance-Undocumented-User-Accounts.html
Third Party Advisory
VDB Entry
http://seclists.org/bugtraq/2015/Apr/1
Third Party Advisory
VDB Entry
http://packetstormsecurity.com/files/131250/EMC-PowerPath-Virtual-Appliance-Undocumented-User-Accounts.html
Third Party Advisory
VDB Entry
http://seclists.org/bugtraq/2015/Apr/1
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:emc:powerpath_virtual_appliance:*:*:*:*:*:*:*:*

Версия до 1.2 (включая)

EPSS

Процентиль: 69%

0.00601

Низкий

5 Medium

CVSS2

Дефекты

CWE-255

Связанные уязвимости

GHSA-rr5h-c862-f7w5

github

больше 3 лет назад

EMC PowerPath Virtual Appliance (aka vApp) before 2.0 has default passwords for the (1) emcupdate and (2) svcuser accounts, which makes it easier for remote attackers to obtain potentially sensitive information via a login session.

EPSS

Процентиль: 69%

0.00601

Низкий

5 Medium

CVSS2

Дефекты

CWE-255