Undocumented Account with Default Password in EMC ESRS Policy Manager

Undocumented Account with Default Password in EMC ESRS Policy Manager

CVE-2017-4976 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

EMC ESRS Policy Manager prior to 6.8 contains an undocumented account (OpenDS admin) with a default password. A remote attacker with the knowledge of the default password may login to the system and gain administrator privileges to the local LDAP directory server.

Learn more about our Cis Benchmark Audit For Server Software.