CVE-2021-42370
Summary
| CVE | CVE-2021-42370 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-11-08 05:15:00 UTC |
| Updated | 2022-07-29 12:46:00 UTC |
| Description | A password mismanagement situation exists in XoruX LPAR2RRD and STOR2RRD before 7.30 because cleartext information is present in HTML password input fields in the device properties. (Viewing the passwords requires configuring a web browser to display HTML password input fields.) |
Risk And Classification
Problem Types: CWE-312
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Storage Monitoring EMC² IBM Hitachi HPE NetApp Lenovo | CONFIRM | stor2rrd.com | |
| Monitoring AIX, VMware, Oracle, Linux, Nutanix, Solaris, Clouds | CONFIRM | lpar2rrd.com | |
| XoruX STOR2RRD/LPAR2RRD - Monitoring accounts password exposure (CVE-2021-42370) · Advisory · orangecertcc/security-research · GitHub | MISC | github.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.