CVE-2013-3287 — LOW (1.9) — White Hats Nepal

Q: What is CVE-2013-3287?

CVE-2013-3287 is a vulnerability with a CVSS score of 1.9 (LOW). EMC Unisphere for VMAX before 1.6.1.6, when using an unspecified level of debug logging in LDAP configurations, allows local users to discover the cleartext LDAP bind password by reading the console.

Q: How severe is CVE-2013-3287?

CVE-2013-3287 has been rated LOW with a CVSS base score of 1.9/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2013-3287?

Check the references section above for vendor advisories and patch information. Affected products include: Dell Emc Unisphere.

Vulnerability Description

EMC Unisphere for VMAX before 1.6.1.6, when using an unspecified level of debug logging in LDAP configurations, allows local users to discover the cleartext LDAP bind password by reading the console.

CVSS Score

1.9

LOW

AV:L/AC:M/Au:N/C:P/I:N/A:N

Confidentiality

PARTIAL

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Dell	Emc Unisphere	<= 1.6

Related Weaknesses (CWE)

CWE-310

References

FAQ

What is CVE-2013-3287?

CVE-2013-3287 is a vulnerability with a CVSS score of 1.9 (LOW). EMC Unisphere for VMAX before 1.6.1.6, when using an unspecified level of debug logging in LDAP configurations, allows local users to discover the cleartext LDAP bind password by reading the console.

How severe is CVE-2013-3287?

CVE-2013-3287 has been rated LOW with a CVSS base score of 1.9/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2013-3287?

Check the references section above for vendor advisories and patch information. Affected products include: Dell Emc Unisphere.