漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
A hard-coded password vulnerability was discovered in vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, and Dell EMC VMAX Embedded Management (eManagement): Dell EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.18, Dell EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.21, Dell EMC VASA Virtual Appliance versions prior to 8.4.0.514, and Dell EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4 (Enginuity Release 5977.1125.1125 and earlier). They contain an undocumented default account (smc) with a hard-coded password that may be used with certain web servlets. A remote attacker with the knowledge of the hard-coded password and the message format may use vulnerable servlets to gain unauthorized access to the system. Note: This account cannot be used to log in via the web user interface.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
多款Dell产品vApp Manager 安全漏洞
Vulnerability Description
Dell EMC Unisphere for VMAX Virtual Appliance等都是美国戴尔(Dell)公司的产品。Dell EMC Unisphere for VMAX Virtual Appliance(vApp)是一款针对VMAX存储阵列的管理工具。EMC Solutions Enabler Virtual Appliance是一款解决方案应用虚拟设备。vApp Manager是其中的一个vApp管理工具。 多款Dell产品中的vApp Manager存在安全漏洞,该漏洞源于默认的账户(
CVSS Information
N/A
Vulnerability Type
N/A