CVE-2013-3287

Name of the Vulnerable Software and Affected Versions EMC Unisphere for VMAX versions prior to 1.6.1.6

Description The issue allows local users to discover the cleartext LDAP bind password by reading the console when an unspecified level of debug logging is used in LDAP configurations.

Recommendations For versions prior to 1.6.1.6, update to version 1.6.1.6 or later to resolve the issue. As a temporary workaround, consider disabling debug logging in LDAP configurations to minimize the risk of exploitation. Restrict access to the console to prevent unauthorized users from reading the cleartext LDAP bind password.