Dell EMC Integrated Data Protection Appliance versions before 2.3 contain a password storage vulnerability in the ACM component. A remote authenticated malicious user with root privileges may potentially use a support tool to decrypt encrypted passwords stored locally on the system to use it to access other components using the privileges of the compromised user.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dell emc integrated data protection appliance firmware 2.0 |
||
dell emc integrated data protection appliance firmware 2.1 |
||
dell emc integrated data protection appliance firmware 2.2 |