CVE-2020-29502
Summary
| CVE | CVE-2020-29502 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-01-05 22:15:00 UTC |
| Updated | 2021-01-08 18:42:00 UTC |
| Description | Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage Vulnerability in PowerStore X & T environments. A locally authenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account. |
Risk And Classification
Problem Types: CWE-312
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Dell | Emc Powerstore | - | All | All | All |
| Hardware | Dell | Emc Powerstore | - | All | All | All |
| Operating System | Dell | Emc Powerstore Firmware | All | All | All | All |
| Operating System | Dell | Emc Powerstore Firmware | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| DSA-2020-284 Dell EMC PowerStore Family Multiple Security Vulnerabilities | Dell US | MISC | www.dell.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.