Vulnerabilities > CVE-2013-3278 - Credentials Management vulnerability in EMC products

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

emc

CWE-255

NVD

Published: 2013-10-01

Updated: 2024-11-21

Summary

EMC VPLEX before VPLEX GeoSynchrony 5.2 SP1 uses cleartext for storage of the LDAP/AD bind password, which allows local users to obtain sensitive information by reading the management-server configuration file.

Vulnerable Configurations

Part	Description	Count
Hardware	Emc EMC Vplex GEO - EMC Vplex Metro - EMC Vplex Local -	3
Application	Emc EMC Geosynchrony *	1

Common Weakness Enumeration (CWE)

CWE-255 - Credentials Management

References

http://archives.neohapsis.com/archives/bugtraq/2013-09/0135.html
http://archives.neohapsis.com/archives/bugtraq/2013-09/0135.html