CVE-2013-3285

Published Nov 2, 2013

Last updated 11 years ago

CVSS info 3.5

Overview

Description: The NetWorker Management Console (NMC) in EMC NetWorker 8.0.x before 8.0.2.3, when using Active Directory/LDAP for authentication, allows remote authenticated users to discover cleartext administrator passwords via (1) unspecified NMC audit reports or (2) requests to RAP resources.
Source: security_alert@emc.com
NVD status: Analyzed

Risk scores

CVSS 2.0

Type: Primary
Base score: 3.5
Impact score: 2.9
Exploitability score: 6.8
Vector string: AV:N/AC:M/Au:S/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-310

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:emc:networker:8.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "83625C74-9A2C-406D-A72F-98057C626180"
          },
          {
            "criteria": "cpe:2.3:a:emc:networker:8.0.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3C918819-AE64-4C02-BDFD-44A7950260E2"
          },
          {
            "criteria": "cpe:2.3:a:emc:networker:8.0.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D67F8C96-D9A8-4EBC-909D-8D5076F72C5F"
          },
          {
            "criteria": "cpe:2.3:a:emc:networker:8.0.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5D89D53E-767D-43D6-822A-418297C7349C"
          },
          {
            "criteria": "cpe:2.3:a:emc:networker:8.0.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B59F4C75-D6C7-4D9F-A3B5-311DA1D59F25"
          },
          {
            "criteria": "cpe:2.3:a:emc:networker:8.0.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E3601F4F-FAA4-4B88-8B39-3E8DCCDC621F"
          },
          {
            "criteria": "cpe:2.3:a:emc:networker:8.0.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "408E3FBD-64BF-4E37-9FA2-C9FC69A2D5F0"
          },
          {
            "criteria": "cpe:2.3:a:emc:networker:8.0.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0A95340F-8259-4471-A288-3046D67EDE5A"
          },
          {
            "criteria": "cpe:2.3:a:emc:networker:8.0.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "87F69CAF-0E54-45EF-9063-6FDCFA2A0BD0"
          },
          {
            "criteria": "cpe:2.3:a:emc:networker:8.0.1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A990F8EA-B69D-458B-8433-41BA5118D57B"
          },
          {
            "criteria": "cpe:2.3:a:emc:networker:8.0.1.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3875F1DF-21A9-4F50-8F01-D55AFD725094"
          },
          {
            "criteria": "cpe:2.3:a:emc:networker:8.0.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2C9084EB-5D75-477D-AF31-BDC174B1A23C"
          },
          {
            "criteria": "cpe:2.3:a:emc:networker:8.0.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1A851B4E-C9CB-4580-BFD9-4A28EA9E3859"
          },
          {
            "criteria": "cpe:2.3:a:emc:networker:8.0.2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2C1185F7-6BEB-4546-9452-10CCBD509A48"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References