ID CVE-2013-3272
Summary EMC Replication Manager (RM) before 5.4.4 places encoded passwords in application log files, which makes it easier for local users to obtain sensitive information by reading a file and conducting an unspecified decoding attack.
References
Vulnerable Configurations
  • cpe:2.3:a:emc:replication_manager:5.0:*:*:*:*:*:*:*
    cpe:2.3:a:emc:replication_manager:5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:emc:replication_manager:5.1:*:*:*:*:*:*:*
    cpe:2.3:a:emc:replication_manager:5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:emc:replication_manager:5.2:*:client:*:*:*:*:*
    cpe:2.3:a:emc:replication_manager:5.2:*:client:*:*:*:*:*
  • cpe:2.3:a:emc:replication_manager:5.3:*:*:*:*:*:*:*
    cpe:2.3:a:emc:replication_manager:5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:emc:replication_manager:5.4:*:*:*:*:*:*:*
    cpe:2.3:a:emc:replication_manager:5.4:*:*:*:*:*:*:*
CVSS
Base: 2.1 (as of 11-10-2013 - 15:51)
Impact:
Exploitability:
CWE CWE-255
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:L/AC:L/Au:N/C:P/I:N/A:N
refmap via4
bugtraq 20130705 ESA-2013-050: EMC Replication Manager Sensitive Information Disclosure Vulnerability
Last major update 11-10-2013 - 15:51
Published 08-07-2013 - 20:55
Last modified 11-10-2013 - 15:51
Back to Top