Security News > 2018 > February > Dell EMC plugs critical bugs in VMAX enterprise storage offerings
2018-02-16 18:32
Dell EMC has patched two critical flaws in vApp Manager, the management interface for its VMAX enterprise storage systems, and is urging all customers to implement fixes as soon as possible. About the VMAX enterprise storage vulnerabilities The flaws were discovered and reported by Tenable’s director of reverse engineering Carlos Perez. The graver of the two is CVE-2018-1216, which marks the existence of a hard-coded password vulnerability. “The vApp Manager contains an undocumented default account … More →
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/3KPyRjfsmuk/
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-08 | CVE-2018-1216 | Use of Hard-coded Credentials vulnerability in Dell products A hard-coded password vulnerability was discovered in vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, and Dell EMC VMAX Embedded Management (eManagement): Dell EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.18, Dell EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.21, Dell EMC VASA Virtual Appliance versions prior to 8.4.0.514, and Dell EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4 (Enginuity Release 5977.1125.1125 and earlier). | 9.8 |