CVE-2021-21547
published 2021-04-30CVE-2021-21547: Dell EMC Unity, UnityVSA, and Unity XT versions prior to 5.0.7.0.5.008 contain a plain-text password storage vulnerability when the Dell Upgrade Readiness…
medium6.7CVSS 3.1
AVLACLPRHUINSUCHIHAH
Dell EMC Unity, UnityVSA, and Unity XT versions prior to 5.0.7.0.5.008 contain a plain-text password storage vulnerability when the Dell Upgrade Readiness Utility is run on the system. The credentials of the Unisphere Administrator are stored in plain text. A local malicious user with high privileges may use the exposed password to gain access with the privileges of the compromised user.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dell | unity | >= unspecified < 5.0.7.0.5.008 | 5.0.7.0.5.008 |
| dell | unity_operating_environment | < 5.0.7.0.5.008 | 5.0.7.0.5.008 |
| dell | unity_xt_operating_environment | < 5.0.7.0.5.008 | 5.0.7.0.5.008 |
| dell | unityvsa_operating_environment | < 5.0.7.0.5.008 | 5.0.7.0.5.008 |