PT-2015-1320 · EMC · EMC Unified Infrastructure Manager/Provisioning
Published: 2015-06-17 · Updated: 2017-09-23 · CVE-2015-0546
CVSS v2.0: 10 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
EMC Unified Infrastructure Manager/Provisioning (UIM/P) version 4.1
Description
The issue exists due to an error in the access control subsystem, allowing a remote attacker to bypass the authentication procedure via the LDAP service by providing only a valid user account name.
Recommendations
For version 4.1, consider restricting access to the LDAP authentication service until a patch is available. As a temporary workaround, limit the use of the vulnerable authentication mechanism to minimize the risk of exploitation.
Affected Products
EMC Unified Infrastructure Manager/Provisioning