Published: 29/05/2018 Updated: 09/10/2019

CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 356

Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

Subscribe to Recoverpoint For Virtual Machines

Dell EMC RecoverPoint versions before 5.1.2 and RecoverPoint for VMs versions before 5.1.1.3, under certain conditions, may leak LDAP password in plain-text into the RecoverPoint log file. An authenticated malicious user with access to the RecoverPoint log files may obtain the exposed LDAP password to use it in further attacks.

Vulnerable Product	Search on Vulmon	Subscribe to Product
emc recoverpoint for virtual machines
emc recoverpoint

Exploits for Dell EMC RecoverPoint enterprise data protection platform

Dell EMC RecoverPoint Exploits for an enterprise data protection platform I have discovered the following vulnerabilities in the RecoverPoint enterprise data protection platform, mentioned in Dell EMC's disclosure seclistsorg/fulldisclosure/2018/May/61 Critical unauthenticated remote code execution with root privileges via command injection in username (CVE-2018

CWE-532 http://seclists.org/fulldisclosure/2018/May/61 http://www.securityfocus.com/bid/104246 https://nvd.nist.gov https://github.com/bao7uo/dell-emc_recoverpoint

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2018-1241

Vulnerability Summary

Github Repositories

References

Vulmon Search

About

Products

Connect