Dell DM5500 5.14.0.0, contain a Plain-text Password Storage Vulnerability in the appliance. A local attacker with privileges could potentially exploit this vulnerability, leading to the disclosure of certain service credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.
References
Configurations
Configuration 1 (hide)
AND |
|
History
18 Dec 2023, 06:15
Type | Values Removed | Values Added |
---|---|---|
Summary | (en) Dell DM5500 5.14.0.0, contain a Plain-text Password Storage Vulnerability in the appliance. A local attacker with privileges could potentially exploit this vulnerability, leading to the disclosure of certain service credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account. |
07 Dec 2023, 17:42
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.dell.com/support/kbdoc/en-us/000220107/dsa-2023-425-security-update-for-dell-powerprotect-data-manager-dm5500-appliance-for-multiple-vulnerabilities - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
CWE | CWE-522 | |
CPE | cpe:2.3:o:dell:powerprotect_data_manager_dm5500_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dell:powerprotect_data_manager_dm5500:-:*:*:*:*:*:*:* |
|
First Time |
Dell powerprotect Data Manager Dm5500 Firmware
Dell powerprotect Data Manager Dm5500 Dell |
04 Dec 2023, 09:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-12-04 09:15
Updated : 2023-12-18 06:15
NVD link : CVE-2023-44300
Mitre link : CVE-2023-44300
CVE.ORG link : CVE-2023-44300
JSON object : View
Products Affected
dell
- powerprotect_data_manager_dm5500_firmware
- powerprotect_data_manager_dm5500