CVE-2018-1216Hard-coded Credentials in Dell EMC Solutions Enabler Virtual Appliance

CWE-798Hard-coded Credentials4 documents4 sources
Severity
9.8CRITICALNVD
EPSS
6.2%
top 9.11%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Dell EMC Solutions Enabler Virtual ApplianceDell EMC Unisphere FOR Vmax Virtual ApplianceDell EMC Vasa Virtual Appliance+1 more
Timeline
PublishedMar 8
Latest updateMay 14

Description

A hard-coded password vulnerability was discovered in vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, and Dell EMC VMAX Embedded Management (eManagement): Dell EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.18, Dell EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.21, Dell EMC VASA Virtual Appliance versions prior to 8.4.0.514, and Dell EMC VMAX Embedded Management (eManagement) versions

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages4 packages

NVDdell/emc_unisphere< 8.4.0.18

🔴Vulnerability Details

2
GHSA
GHSA-xp9f-vm29-4q5v: A hard-coded password vulnerability was discovered in vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell2022-05-14
CVEList
CVE-2018-1216: A hard-coded password vulnerability was discovered in vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell2018-03-08
CVE-2018-1216 — Hard-coded Credentials in Dell | cvebase