Dell Unity, Dell UnityVSA, and Dell Unity XT versions prior to 5.2.0.0.5.173 contain a plain-text password storage vulnerability when certain off-array tools are run on the system. The credentials of a user with high privileges are stored in plain text. A local malicious user with high privileges may use the exposed password to gain access with the privileges of the compromised user.
Storing a password in plaintext may result in a system compromise.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Unity_operating_environment | Dell | * | 5.2.0.0.5.173 (excluding) |
Unity_xt_operating_environment | Dell | * | 5.2.0.0.5.173 (excluding) |
Unityvsa_operating_environment | Dell | * | 5.2.0.0.5.173 (excluding) |