QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2017-8013

Back to search

CVE-2017-8013

Published: Mar 16, 2018

Modified: Sep 16, 2024

PUBLISHED

Description

EMC Data Protection Advisor 6.3.x before patch 67 and 6.4.x before patch 130 contains undocumented accounts with hard-coded passwords and various privileges. Affected accounts are: "Apollo System Test", "emc.dpa.agent.logon" and "emc.dpa.metrics.logon". An attacker with knowledge of the password could potentially use these accounts via REST APIs to gain unauthorized access to EMC Data Protection Advisor (including potentially access with administrative privileges).

VendorProductVersions

Dell EMC

EMC Data Protection Advisor

affected
6.3.x
affected
6.4.x

References

1039370
vdb-entry
x_refsource_SECTRACK
100846
vdb-entry
x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now