Описание
Dell EMC Repository Manager (DRM) version 3.2 contains a plain-text password storage vulnerability. Proxy server user password is stored in a plain text in a local database. A local authenticated malicious user with access to the local file system may use the exposed password to access the with privileges of the compromised user.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.2 (включая)
cpe:2.3:h:dell:emc_repository_manager:*:*:*:*:*:*:*:*
EPSS
Процентиль: 13%
0.00042
Низкий
8.8 High
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-256
CWE-522
Связанные уязвимости
github
больше 3 лет назад
Dell EMC Repository Manager (DRM) version 3.2 contains a plain-text password storage vulnerability. Proxy server user password is stored in a plain text in a local database. A local authenticated malicious user with access to the local file system may use the exposed password to access the with privileges of the compromised user.
EPSS
Процентиль: 13%
0.00042
Низкий
8.8 High
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-256
CWE-522