Vulnerability Description
EMC Cloud Tiering Appliance (CTA) 9.x through 10 SP1 and File Management Appliance (FMA) 7.x store DES password hashes for the root, super, and admin accounts, which makes it easier for context-dependent attackers to obtain sensitive information via a brute-force attack.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Emc | Cloud Tiering Appliance Software | 9.0 |
| Emc | Cloud Tiering Appliance | - |
| Emc | File Management Appliance Software | 7.0 |
| Emc | File Management Appliance | - |
Related Weaknesses (CWE)
References
- http://archives.neohapsis.com/archives/bugtraq/2014-04/0094.html
- http://seclists.org/fulldisclosure/2014/Mar/426
- https://gist.github.com/brandonprry/9895721
- http://archives.neohapsis.com/archives/bugtraq/2014-04/0094.html
- http://seclists.org/fulldisclosure/2014/Mar/426
- https://gist.github.com/brandonprry/9895721
FAQ
What is CVE-2014-0645?
CVE-2014-0645 is a vulnerability with a CVSS score of 4.7 (MEDIUM). EMC Cloud Tiering Appliance (CTA) 9.x through 10 SP1 and File Management Appliance (FMA) 7.x store DES password hashes for the root, super, and admin accounts, which makes it easier for context-depend...
How severe is CVE-2014-0645?
CVE-2014-0645 has been rated MEDIUM with a CVSS base score of 4.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-0645?
Check the references section above for vendor advisories and patch information. Affected products include: Emc Cloud Tiering Appliance Software, Emc Cloud Tiering Appliance, Emc File Management Appliance Software, Emc File Management Appliance.