Dell EMC Integrated Data Protection Appliance versions before 2.3 contain a password storage vulnerability in the ACM component. A remote authenticated malicious user with root privileges may potentially use a support tool to decrypt encrypted passwords stored locally on the system to use it to access other components using the privileges of the compromised user.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dell emc_integrated_data_protection_appliance_firmware 2.1 |
||
dell emc_integrated_data_protection_appliance_firmware 2.2 |
||
dell emc_integrated_data_protection_appliance_firmware 2.0 |