Computer Security
[EN] securityvulns.ru no-pyccku


EMC Smarts Network Configuration Manager security vulnerabilities
Published:03.12.2012
Source:
SecurityVulns ID:12739
Type:remote
Threat Level:
5/10
Description:Hardcoded ecnryption key, default unauthenticated connections.
Affected:EMC : Smarts Network Configuration Manager 9.0
CVE:CVE-2012-4615 (EMC Smarts Network Configuration Manager (NCM) before 9.1 uses a hardcoded encryption key for the storage of credentials, which allows local users to obtain sensitive information via unspecified vectors.)
 CVE-2012-4614 (The default configuration of EMC Smarts Network Configuration Manager (NCM) before 9.1 does not require authentication for database access, which allows remote attackers to have an unspecified impact via a network session.)
Original documentdocumentEMC, ESA-2012-057: EMC Smarts Network Configuration Manager Multiple Vulnerabilities (03.12.2012)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod