CVE-2019-3736

HIGH Year: 2019
CVSS v3 Score
8.2
High
CVSS v2 Score
4.0
Medium
Weakness Type
CWE-257
View all →

Vulnerability Description

Dell EMC Integrated Data Protection Appliance versions prior to 2.3 contain a password storage vulnerability in the ACM component. A remote authenticated malicious user with root privileges may potentially use a support tool to decrypt encrypted passwords stored locally on the system to use it to access other components using the privileges of the compromised user.

Related Vulnerabilities

CVE-2023-38738

HIGH
CVSS:8.1(High)

IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in a OpenPages environment using Native authentication. If OpenPages is using Native authentication an attacker with a...

CWE-2572023

CVE-2022-34838

HIGH
CVSS:8.4(High)

Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who successfully exploit the vulnerability may add or alter data points and corresponding attributes. Once ...

CWE-2572022

CVE-2017-9942

HIGH
CVSS:7.8(High)

A vulnerability was discovered in Siemens SiPass integrated (All versions before V2.70) that could allow an attacker with local access to the SiPass integrated server or SiPass integrated client to po...

CWE-2572017

CVE-2022-22251

HIGH
CVSS:7.8(High)

On cSRX Series devices software permission issues in the container filesystem and stored files combined with storing passwords in a recoverable format in Juniper Networks Junos OS allows a local, low-...

CWE-2572022

CVE-2023-21726

HIGH
CVSS:7.8(High)

Windows Credential Manager User Interface Elevation of Privilege Vulnerability

CWE-2572023

CVE-2021-27485

HIGH
CVSS:7.5(High)

ZOLL Defibrillator Dashboard, v prior to 2.2,The application allows users to store their passwords in a recoverable format, which could allow an attacker to retrieve the credentials from the web brows...

CWE-2572021