Dell Emc Unity vulnerabilities

CVE-2019-3741 [HIGH] CWE-693 CVE-2019-3741: Dell EMC Unity and UnityVSA versions prior to 5.0.0.0.5.116 contain a plain-text password storage vu Dell EMC Unity and UnityVSA versions prior to 5.0.0.0.5.116 contain a plain-text password storage vulnerability. A Unisphere user’s (including the admin privilege user) password is stored in a plain text in Unity Data Collection bundle (logs files for troubleshooting). A local authenticated attacker with access to the Data Collection bundle may use the

CVE-2019-3734 [MEDIUM] CVE-2019-3734: Dell EMC Unity and UnityVSA versions prior to 5.0.0.0.5.116 contain an improper authorization vulner Dell EMC Unity and UnityVSA versions prior to 5.0.0.0.5.116 contain an improper authorization vulnerability in NAS Server quotas configuration. A remote authenticated Unisphere Operator could potentially exploit this vulnerability to edit quota configuration of other users.