Lucene search
DellCVE-2014-4623HistoryOct 25, 2014 - 10:55 a.m.
CVE-2014-4623
2014-10-2510:55:06
CWE-310
dell
web.nvd.nist.gov
21
cve-2014-4623
emc avamar
avamar data store
avamar virtual edition
password hardening
unix des
cleartext passwords
nvd
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
AI Score
6.7
Confidence
Low
EPSS
0.002
Percentile
56.4%
EMC Avamar 6.0.x, 6.1.x, and 7.0.x in Avamar Data Store (ADS) GEN4(S) and Avamar Virtual Edition (AVE), when Password Hardening before 2.0.0.4 is enabled, uses UNIX DES crypt for password hashing, which makes it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack.
Affected configurations
Node
emcavamarMatch6.0.1
ORemcavamarMatch6.0.2
ORemcavamarMatch6.0.3
ORemcavamarMatch6.1
ORemcavamarMatch6.1.101-87
ORemcavamarMatch7.0
ORemcavamarMatch7.0sp1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| emc | avamar | 6.0.1 | cpe:2.3:a:emc:avamar:6.0.1:*:*:*:*:*:*:* |
| emc | avamar | 6.0.2 | cpe:2.3:a:emc:avamar:6.0.2:*:*:*:*:*:*:* |
| emc | avamar | 6.0.3 | cpe:2.3:a:emc:avamar:6.0.3:*:*:*:*:*:*:* |
| emc | avamar | 6.1 | cpe:2.3:a:emc:avamar:6.1:*:*:*:*:*:*:* |
| emc | avamar | 6.1.101-87 | cpe:2.3:a:emc:avamar:6.1.101-87:*:*:*:*:*:*:* |
| emc | avamar | 7.0 | cpe:2.3:a:emc:avamar:7.0:*:*:*:*:*:*:* |
| emc | avamar | 7.0 | cpe:2.3:a:emc:avamar:7.0:sp1:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2014-4623
2014-10-25 10:55:06
prion
prion
Default credentials
2014-10-25 10:55:00
securityvulns
securityvulns
ESA-2014-094: EMC Avamar Weak Password Storage Vulnerability
2014-10-27 00:00:00
EMC Avamar security vulnerabilities
2014-10-27 00:00:00
cvelist
cvelist
CVE-2014-4623
2014-10-25 10:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
AI Score
6.7
Confidence
Low
EPSS
0.002
Percentile
56.4%
Related for CVE-2014-4623