CVE-2014-0645

EUVD-2014-0676
EMC Cloud Tiering Appliance (CTA) 9.x through 10 SP1 and File Management Appliance (FMA) 7.x store DES password hashes for the root, super, and admin accounts, which makes it easier for context-dependent attackers to obtain sensitive information via a brute-force attack.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.7 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:C/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 21%
Affected Products (NVD)
VendorProductVersion
emccloud_tiering_appliance_software
9.0
emccloud_tiering_appliance_software
10.0
emccloud_tiering_appliance_software
10.0:sp1
emccloud_tiering_appliance
-
emcfile_management_appliance_software
7.0
emcfile_management_appliance
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://archives.neohapsis.com/archives/bugtraq/2014-04/0094.html
http://seclists.org/fulldisclosure/2014/Mar/426
https://gist.github.com/brandonprry/9895721
http://archives.neohapsis.com/archives/bugtraq/2014-04/0094.html
http://seclists.org/fulldisclosure/2014/Mar/426
https://gist.github.com/brandonprry/9895721