CVE-2017-14376

Name of the Vulnerable Software and Affected Versions EMC AppSync Server versions prior to 3.5.0.1

Description The issue is related to database accounts with hardcoded passwords that could be exploited by malicious users to compromise the system. This is essentially a problem of predefined credentials being used, which can be leveraged by an attacker to gain unauthorized access to the system.

Recommendations For versions prior to 3.5.0.1, update to version 3.5.0.1 or later to resolve the issue. As a temporary workaround, consider changing the hardcoded passwords to unique, strong passwords until a patch is applied. Restrict access to the database accounts to minimize the risk of exploitation.