Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, under certain conditions, may leak LDAP password in plain-text into the RecoverPoint log file. An authenticated malicious user with access to the RecoverPoint log files may obtain the exposed LDAP password to use it in further attacks.
[
{
"product": "Dell EMC RecoverPoint",
"vendor": "Dell EMC",
"versions": [
{
"lessThan": "5.1.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Dell EMC RecoverPoint Virtual Machine (VM)",
"vendor": "Dell EMC",
"versions": [
{
"lessThan": "5.1.1.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]