ID |
CVE-2013-3287
|
Summary |
EMC Unisphere for VMAX before 1.6.1.6, when using an unspecified level of debug logging in LDAP configurations, allows local users to discover the cleartext LDAP bind password by reading the console. |
References |
|
Vulnerable Configurations |
-
cpe:2.3:a:dell:emc_unisphere:1.0:*:*:*:*:vmax:*:*
cpe:2.3:a:dell:emc_unisphere:1.0:*:*:*:*:vmax:*:*
-
cpe:2.3:a:dell:emc_unisphere:1.1:*:*:*:*:vmax:*:*
cpe:2.3:a:dell:emc_unisphere:1.1:*:*:*:*:vmax:*:*
-
cpe:2.3:a:dell:emc_unisphere:1.5:*:*:*:*:vmax:*:*
cpe:2.3:a:dell:emc_unisphere:1.5:*:*:*:*:vmax:*:*
-
cpe:2.3:a:dell:emc_unisphere:1.6:*:*:*:*:vmax:*:*
cpe:2.3:a:dell:emc_unisphere:1.6:*:*:*:*:vmax:*:*
|
CVSS |
Base: | 1.9 (as of 05-08-2021 - 14:46) |
Impact: | |
Exploitability: | |
|
CWE |
CWE-310 |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
LOCAL |
MEDIUM |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
PARTIAL |
NONE |
NONE |
|
cvss-vector
via4
|
AV:L/AC:M/Au:N/C:P/I:N/A:N
|
refmap
via4
|
bid | 63425 | bugtraq | 20131029 ESA-2013-074: EMC Unisphere for VMAX Information Disclosure Vulnerability |
|
Last major update |
05-08-2021 - 14:46 |
Published |
02-11-2013 - 19:55 |
Last modified |
05-08-2021 - 14:46 |