Lucene search

PRIOn knowledge basePRION:CVE-2014-0645

HistoryApr 17, 2014 - 1:55 a.m.

Information disclosure

2014-04-1701:55:00

PRIOn knowledge base

www.prio-n.com

6.6 Medium

AI Score

Confidence

Low

4.7 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:C/I:N/A:N

0.001 Low

EPSS

Percentile

41.8%

JSON

EMC Cloud Tiering Appliance (CTA) 9.x through 10 SP1 and File Management Appliance (FMA) 7.x store DES password hashes for the root, super, and admin accounts, which makes it easier for context-dependent attackers to obtain sensitive information via a brute-force attack.

CPENameOperatorVersion
cloud_tiering_appliance_softwareeq9.0
cloud_tiering_appliance_softwareeq10.0 sp1
cloud_tiering_appliance_softwareeq10.0
file_management_appliance_softwareeq7.0

Name	Operator	Version
cloud_tiering_appliance_software	eq	9.0
cloud_tiering_appliance_software	eq	10.0 sp1
cloud_tiering_appliance_software	eq	10.0
file_management_appliance_software	eq	7.0

References

archives.neohapsis.com/archives/bugtraq/2014-04/0094.html

seclists.org/fulldisclosure/2014/Mar/426

gist.github.com/brandonprry/9895721

6.6 Medium

AI Score

Confidence

Low

4.7 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:C/I:N/A:N

0.001 Low

EPSS

Percentile

41.8%

JSON

Related for PRION:CVE-2014-0645