Описание
Dell EMC Data Protection Advisor versions 6.4, 6.5 and 18.1 contain an undocumented account with limited privileges that is protected with a hard-coded password. A remote unauthenticated malicious user with the knowledge of the hard-coded password may login to the system and gain read-only privileges.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:dell:emc_data_protection_advisor:6.4:*:*:*:*:*:*:*
cpe:2.3:a:dell:emc_data_protection_advisor:6.5:*:*:*:*:*:*:*
cpe:2.3:a:dell:emc_data_protection_advisor:18.1:*:*:*:*:*:*:*
EPSS
Процентиль: 52%
0.00285
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-259
NVD-CWE-Other
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
Dell EMC Data Protection Advisor versions 6.4, 6.5 and 18.1 contain an undocumented account with limited privileges that is protected with a hard-coded password. A remote unauthenticated malicious user with the knowledge of the hard-coded password may login to the system and gain read-only privileges.
EPSS
Процентиль: 52%
0.00285
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-259
NVD-CWE-Other