CVE-2023-44300

Name of the Vulnerable Software and Affected Versions Dell DM5500 version 5.14.0.0

Description The issue is related to a Plain-text Password Storage Vulnerability in the appliance, specifically in PPOE. A local attacker with privileges could potentially exploit this vulnerability, leading to the disclosure of certain service or user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.

Recommendations For Dell DM5500 version 5.14.0.0, consider updating to a newer version that addresses the Plain-text Password Storage Vulnerability, as this would prevent the disclosure of service credentials. Additionally, as a temporary workaround, restrict access to the PPOE component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.