描述
Dell EMC Integrated Data Protection Appliance versions prior to 2.3 contain a password storage vulnerability in the ACM component. A remote authenticated malicious user with root privileges may potentially use a support tool to decrypt encrypted passwords stored locally on the system to use it to access other components using the privileges of the compromised user.
AI分析AI驱动
受影响产品
dellemc_integrated_data_protection_appliance_firmware
2.0
dellemc_integrated_data_protection_appliance_firmware
2.1
dellemc_integrated_data_protection_appliance_firmware
2.2
dellemc_idpa_dp4400
-
dellemc_idpa_dp5800
-
dellemc_idpa_dp8300
-
dellemc_idpa_dp8800
-
参考资料
- https://www.dell.com/support/security/en-us/details/536363/DSA-2019-112-Dell-EMC-Integrated-Data-Protection-Appliance-Multiple-VulnerabilitiesVendor Advisory
- https://www.dell.com/support/security/en-us/details/536363/DSA-2019-112-Dell-EMC-Integrated-Data-Protection-Appliance-Multiple-VulnerabilitiesVendor Advisory