CVE-2018-1241

Name of the Vulnerable Software and Affected Versions Dell EMC RecoverPoint versions prior to 5.1.2 Dell EMC RecoverPoint for VMs versions prior to 5.1.1.3

Description The issue may cause an LDAP password to be leaked in plain-text into the log file under certain conditions. An authenticated malicious user with access to the log files may obtain the exposed password for use in further attacks.

Recommendations For Dell EMC RecoverPoint versions prior to 5.1.2, update to version 5.1.2 or later to resolve the issue. For Dell EMC RecoverPoint for VMs versions prior to 5.1.1.3, update to version 5.1.1.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the RecoverPoint log files to minimize the risk of exploitation.