CVE-2017-8021

Name of the Vulnerable Software and Affected Versions EMC Elastic Cloud Storage (ECS) versions prior to 3.1

Description The issue is related to an undocumented account vulnerability that could be leveraged by malicious users to compromise the system. It is also associated with the use of a pre-installed account, specifically emcservice, which has a predefined password. Exploitation of this issue may allow a remote attacker to access the system, compromising the confidentiality, integrity, and availability of data.

Recommendations For versions prior to 3.1, consider changing the password of the pre-installed emcservice account to prevent unauthorized access. As a temporary workaround, restrict access to the system to minimize the risk of exploitation until a patch is available. Update to version 3.1 or later to fully resolve the issue.