Dell EMC Unity, UnityVSA, and Unity XT versions before 5.0.7.0.5.008 contain a plain-text password storage vulnerability when the Dell Upgrade Readiness Utility is run on the system. The credentials of the Unisphere Administrator are stored in plain text. A local malicious user with high privileges may use the exposed password to gain access with the privileges of the compromised user.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|