CVE-2018-1216

🗓️ 08 Mar 2018 15:00:00Reported by dellType

A hard-coded password vulnerability in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, and Dell EMC VMAX Embedded Managemen

Reporter	Title	Published	Views	Family All 10
CNVD	Unauthorized Access Vulnerability in vApp Manager for Multiple Dell Products	12 Mar 201800:00	–	cnvd
Check Point Advisories	Dell EMC VMAX Virtual Appliance Manager Authentication Bypass (CVE-2018-1216)	4 Dec 201800:00	–	checkpoint_advisories
Cvelist	CVE-2018-1216	8 Mar 201815:00	–	cvelist
Tenable Nessus	EMC vApp Manager Default Credentials	15 Feb 201800:00	–	nessus
EUVD	EUVD-2018-11850	7 Oct 202500:30	–	euvd
NVD	CVE-2018-1216	8 Mar 201815:29	–	nvd
OSV	CVE-2018-1216	8 Mar 201815:29	–	osv
Prion	Design/Logic Flaw	8 Mar 201815:29	–	prion
Prion	Hardcoded credentials	8 Mar 201815:29	–	prion
ThreatPost	Dell EMC Patches Critical Flaws in VMAX Enterprise Storage Systems	14 Feb 201817:22	–	threatpost

NVD

Node

dell emc_solutions_enabler_virtual_applianceRange<8.4.0.21

dell emc_unisphere_for_vmax_virtual_applianceRange<8.4.0.18

dell emc_vasa_virtual_applianceRange<8.4.0.514

dell emc_vmax_embedded_managementRange≤1.4

[
  {
    "product": "vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, and Dell EMC VMAX Embedded Management (eManagement)",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, and Dell EMC VMAX Embedded Management (eManagement)"
      }
    ]
  }
]

Source	Link
seclists	www.seclists.org/fulldisclosure/2018/Feb/41
securitytracker	www.securitytracker.com/id/1040383
tenable	www.tenable.com/security/research/tra-2018-03
securityfocus	www.securityfocus.com/bid/103039

21 Nov 2024 03:59Current

9High risk

Vulners AI Score9

CVSS 39.8

CVSS 210

EPSS0.06202

CWE-798