3 matches found
EMC M&R (Watch4net) - Credential Disclosure
Abstract It was discovered that EMC M&R Watch4net credentials of remote servers stored in Watch4net are encrypted using a fixed hardcoded password. If an attacker manages to obtain a copy of the encrypted credentials, it is trivial to decrypt them. Affected products EMC reports that the following...
EMC M&R (Watch4net) Insecure Credential Storage
------------------------------------------------------------------------ EMC M&R Watch4net data storage collector credentials are not properly protected ------------------------------------------------------------------------ Han Sahin, November 2014...
CVE-2015-0514
EMC M&R (Watch4net) before 6.5u1 and ViPR SRM before 3.6.1 store remote-server credentials in Watch4net encrypted with a fixed hardcoded password, which makes the credentials decryptible if an attacker obtains the encrypted copy. Affected products include EMC M&R (Watch4Net) < 6.5u1 and EMC Vi...