PT-2015-7390 · Emc · Emc Vplex Geosynchrony

Published

2015-12-28

Updated

2016-12-07

CVE-2015-6850

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions EMC VPLEX GeoSynchrony versions 5.4 SP1 before P3 EMC VPLEX GeoSynchrony versions 5.5 before Patch 1

Description The issue concerns a default password for the root account, allowing local users to gain privileges by leveraging a login session.

Recommendations For versions 5.4 SP1 before P3, update to at least P3 to resolve the issue. For versions 5.5 before Patch 1, apply Patch 1 to fix the problem. As a temporary workaround, consider changing the default password for the root account to prevent unauthorized access.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2015-6850

Affected Products

Emc Vplex Geosynchrony

PT-2015-7390 · Emc · Emc Vplex Geosynchrony

CVE-2015-6850

Weakness Enumeration

Related Identifiers

Affected Products

References · 5