CVE-2013-3278

Name of the Vulnerable Software and Affected Versions EMC VPLEX versions prior to VPLEX GeoSynchrony 5.2 SP1

Description The issue allows local users to obtain sensitive information by reading the management-server configuration file, as the LDAP/AD bind password is stored in cleartext.

Recommendations For versions prior to VPLEX GeoSynchrony 5.2 SP1, update to VPLEX GeoSynchrony 5.2 SP1 or later to resolve the issue. As a temporary workaround, consider restricting access to the management-server configuration file to minimize the risk of exploitation.