CVE-2013-3287

Published Nov 2, 2013

Last updated 3 years ago

Overview

Description: EMC Unisphere for VMAX before 1.6.1.6, when using an unspecified level of debug logging in LDAP configurations, allows local users to discover the cleartext LDAP bind password by reading the console.
Source: security_alert@emc.com
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 1.9
Impact score: 2.9
Exploitability score: 3.4
Vector string: AV:L/AC:M/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-310

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:dell:emc_unisphere:*:*:*:*:*:vmax:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1F147989-66CD-4BAE-B0BA-D2144376D7D1",
            "versionEndIncluding": "1.6"
          },
          {
            "criteria": "cpe:2.3:a:dell:emc_unisphere:1.0:*:*:*:*:vmax:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A0A8A0CA-0760-4751-AB8F-DE9B472CA0E7"
          },
          {
            "criteria": "cpe:2.3:a:dell:emc_unisphere:1.1:*:*:*:*:vmax:*:*",
            "vulnerable": true,
            "matchCriteriaId": "69255668-4966-4BBD-91EC-BFFE800D6F5A"
          },
          {
            "criteria": "cpe:2.3:a:dell:emc_unisphere:1.5:*:*:*:*:vmax:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4BCFCC0D-F6E5-4FF8-A513-DF5192B98675"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References