Dell EMC Integrated Data Protection Appliance versions prior to 2.3 contain a password storage vulnerability in the ACM component. A remote authenticated malicious user with root privileges may potentially use a support tool to decrypt encrypted passwords stored locally on the system to use it to access other components using the privileges of the compromised user.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: dell
Published: 2019-09-27T20:19:45.429008Z
Updated: 2024-09-17T04:10:25.001Z
Reserved: 2019-01-03T00:00:00
Link: CVE-2019-3736
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-09-27T21:15:10.080
Modified: 2024-11-21T04:42:26.043
Link: CVE-2019-3736
Redhat
No data.