Dell EMC Secure Remote Services, versions prior to 3.32.00.08, contains a Plaintext Password Storage vulnerability. Database credentials are stored in plaintext in a configuration file. An authenticated malicious user with access to the configuration file may obtain the exposed password to gain access to the application database.
Advisories
Source ID Title
EUVD EUVD EUVD-2018-3123 Dell EMC Secure Remote Services, versions prior to 3.32.00.08, contains a Plaintext Password Storage vulnerability. Database credentials are stored in plaintext in a configuration file. An authenticated malicious user with access to the configuration file may obtain the exposed password to gain access to the application database.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: dell

Published:

Updated: 2024-09-17T01:26:15.649Z

Reserved: 2018-05-14T00:00:00

Link: CVE-2018-11079

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-10-18T22:29:00.270

Modified: 2024-11-21T03:42:38.253

Link: CVE-2018-11079

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.