Описание
EMC Data Domain OS 5.4 through 5.7 before 5.7.2.0 allows remote authenticated users to bypass intended password-change restrictions by leveraging access to (1) a different account with the same role as a target account or (2) an account's session at an unattended workstation.
Ссылки
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия до 5.7.1.0 (включая)
cpe:2.3:o:dell:emc_data_domain_os:*:*:*:*:*:*:*:*
EPSS
Процентиль: 78%
0.01115
Низкий
9.8 Critical
CVSS3
9 Critical
CVSS2
Дефекты
CWE-264
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
EMC Data Domain OS 5.4 through 5.7 before 5.7.2.0 allows remote authenticated users to bypass intended password-change restrictions by leveraging access to (1) a different account with the same role as a target account or (2) an account's session at an unattended workstation.
EPSS
Процентиль: 78%
0.01115
Низкий
9.8 Critical
CVSS3
9 Critical
CVSS2
Дефекты
CWE-264