Plaintext Password Storage Vulnerability in Dell EMC Secure Remote Services

Plaintext Password Storage Vulnerability in Dell EMC Secure Remote Services

CVE-2018-11079 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

Dell EMC Secure Remote Services, versions prior to 3.32.00.08, contains a Plaintext Password Storage vulnerability. Database credentials are stored in plaintext in a configuration file. An authenticated malicious user with access to the configuration file may obtain the exposed password to gain access to the application database.

Learn more about our User Device Pen Test.