Plain-Text Password Storage Issue in Dell EMC Repository Manager
CVE-2020-5315

8.8HIGH

Key Information:

Vendor: Dell
Status: Dell Emc Repository Manager (drm)
Vendor: CVE Published:; 19 July 2021

What is CVE-2020-5315?

Dell EMC Repository Manager version 3.2 has a vulnerability that allows sensitive credentials, specifically proxy server user passwords, to be stored in plain text within a local database. This poses significant risks, as a local authenticated attacker with access to the file system can exploit the stored passwords, potentially gaining unauthorized access to systems with the same privileges as the compromised account. Effective security measures should be implemented to avoid risks associated with sensitive data exposure.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Dell EMC Repository Manager (DRM) 3.3

References

https://www.dell.com/support/article/us/en/04/sln319925/d...

x_refsource_MISC

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Jul 19, 2021
Vulnerability Reserved
Jan 3, 2020

JSON

Dell

What is CVE-2020-5315?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.