Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.0.4.0.5.012 contains a plain-text password storage vulnerability. A user credentials (including the Unisphere admin privilege user) password is stored in a plain text in a system file. A local authenticated attacker with access to the system files may use the exposed password to gain access with the privileges of the compromised user.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
缺省权限不正确
Vulnerability Title
Dell EMC Unity,UnityVSA 安全漏洞
Vulnerability Description
DELL Dell EMC Unity和UnityVSA都是美国戴尔(DELL)公司的产品。Dell EMC Unity是一款统一存储阵列产品。UnityVSA是一套虚拟Unity存储环境。 Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.0.4.0.5.012 存在安全漏洞,该漏洞源于用户凭证以明文形式存储在系统文件中。经过身份验证的本地攻击者可利用该漏洞可以访问系统文件,并使用暴露的密码获得被攻击用户的特权。
CVSS Information
N/A
Vulnerability Type
N/A