Information Disclosure in EMC Unisphere for VMAX Affects Local Users
CVE-2013-3287

Currently unrated

Key Information:

Vendor: Dell
Status: Emc Unisphere
Vendor: CVE Published:; 2 November 2013

Summary

The EMC Unisphere for VMAX application prior to version 1.6.1.6 contains a vulnerability that allows local users with access to the console to disclose the cleartext LDAP bind password. This occurs when the software is configured to employ an unspecified level of debug logging in LDAP settings, potentially exposing sensitive authentication information.

References

http://archives.neohapsis.com/archives/bugtraq/2013-10/01...

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/bid/63425

vdb-entryx_refsource_BID

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Nov 2, 2013