Cryptographic Vulnerability in VCE Vision Intelligent Operations by VCE
CVE-2015-4056

6.7MEDIUM

Key Information:

Vendor: Dell
Status: Vce Vision Intelligent Operations
Vendor: CVE Published:; 21 February 2017

Summary

The VCE Vision Intelligent Operations system before version 2.6.5 contains a security flaw in its cryptographic implementation. This vulnerability enables local users with administrative access to potentially uncover sensitive credentials, thereby increasing the risk of unauthorized access and exploitation of the system. Organizations utilizing this software should consider upgrading to the latest version to mitigate the risk.

References

http://seclists.org/bugtraq/2015/Jun/91

mailing-listx_refsource_BUGTRAQ

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 21, 2017
Vulnerability Reserved
May 22, 2015