Back to search
CVE-2014-0645
Published: Apr 17, 2014
Modified: Aug 6, 2024
PUBLISHED
Description
EMC Cloud Tiering Appliance (CTA) 9.x through 10 SP1 and File Management Appliance (FMA) 7.x store DES password hashes for the root, super, and admin accounts, which makes it easier for context-dependent attackers to obtain sensitive information via a brute-force attack.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20140416 ESA-2014-028: EMC Cloud Tiering Appliance XML External Entity (XXE) and Information Disclosure Vulnerabilities
mailing-list
x_refsource_BUGTRAQ
https://gist.github.com/brandonprry/9895721
x_refsource_MISC
20140331 EMC CTA v10.0 unauthenticated XXE with root perms
mailing-list
x_refsource_FULLDISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now