CVE-2019-3736

2019-09-27T21:15:00
ID CVE-2019-3736
Type cve
Reporter cve@mitre.org
Modified 2019-10-09T23:49:00

Description

Dell EMC Integrated Data Protection Appliance versions prior to 2.3 contain a password storage vulnerability in the ACM component. A remote authenticated malicious user with root privileges may potentially use a support tool to decrypt encrypted passwords stored locally on the system to use it to access other components using the privileges of the compromised user.