CVE-2018-1241 Vulnerability Details

  /     /     /  

CVE-2018-1241 Metadata Quick Info

CVE Published: 29/05/2018 | CVE Updated: 17/09/2024 | CVE Year: 2018
Source: dell | Vendor: Dell EMC | Product: Dell EMC RecoverPoint
Status : PUBLISHED

---

CVE-2018-1241 Description

Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, under certain conditions, may leak LDAP password in plain-text into the RecoverPoint log file. An authenticated malicious user with access to the RecoverPoint log files may obtain the exposed LDAP password to use it in further attacks.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-532
CWE Name: CWE-532: Information Exposure Through Log Files
Source: Dell EMC

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).