PT-2021-14635 · Dell · Dell Emc Unity+2
Published
2021-07-12
·
Updated
2022-10-24
·
CVE-2021-21591
CVSS v3.1
6.7
Medium
| Vector | AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.1.0.0.5.394
Description
The issue concerns a plain-text password storage vulnerability. A local malicious user with high privileges may exploit this to gain access with the privileges of the compromised user.
Recommendations
For versions prior to 5.1.0.0.5.394, update to version 5.1.0.0.5.394 or later to resolve the issue.
Fix
Information Disclosure
Insufficiently Protected Credentials
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Dell Emc Unity
Unity Xt
Unityvsa