CVE-2015-4056

6.7MEDIUM

Key Information:

Vendor: Dell
Status: Vce Vision Intelligent Operations
Vendor: CVE Published:; 21 February 2017

Summary

The System Library in VCE Vision Intelligent Operations before 2.6.5 does not properly implement cryptography, which makes it easier for local users to discover credentials by leveraging administrative access.

References

http://seclists.org/bugtraq/2015/Jun/91

mailing-listx_refsource_BUGTRAQ

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 21, 2017
Vulnerability Reserved
May 22, 2015