EMC Cloud Tiering Appliance (CTA)本地信息泄漏漏洞

Bugtraq ID:66937
CVE ID:CVE-2014-0645

EMC Cloud Tiering Appliance能够协助存储管理人员有效简单的管理以档案为单位的非结构性数据。

EMC Cloud Tiering Appliance把root, super, admin内置账户的默认密码使用DES加密算法存储，允许攻击者利用漏洞可恢复这些密码。
0
EMC Cloud Tiering Appliance (CTA) 10
EMC Cloud Tiering Appliance (CTA) 10 SP1
EMC Cloud Tiering Appliance (CTA) 9.x
EMC File Management Appliance (FMA) 7.x
目前厂商已经发布了升级补丁以修复漏洞，请下载使用：
10.0: https://download.emc.com/downloads/DL53068_CTA-10.0-Hot-Fix-for-ESA-2014-028.zip
10.0 SP1: https://download.emc.com/downloads/DL53069_CTA-10.0-SP1-Hot-Fix-for-ESA-2014-028.zip