CVE-2013-3287

EMC Unisphere for VMAX before 1.6.1.6, when using an unspecified level of debug logging in LDAP configurations, allows local users to discover the cleartext LDAP bind password by reading the console.

Published: Nov 2, 2013
Updated: Apr 13, 2023
CVE: CVE-2013-3287
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 1.9
AV:L/AC:M/Au:N/C:P/I:N/A:N

CWEs:

CWE-310

Affected Software
References

Software	From	Fixed in
dell / emc_unisphere	1.0	1.0.x
dell / emc_unisphere	-	1.6.x
dell / emc_unisphere	1.1	1.1.x
dell / emc_unisphere	1.5	1.5.x

http://archives.neohapsis.com/archives/bugtraq/2013-10/0155.html
http://www.securityfocus.com/bid/63425

Vulnerability Database

289,784

CVE-2013-3287