CVE-2019-3741

HIGH Year: 2019
CVSS v3 Score
7.8
High
CVSS v2 Score
2.1
Low
Weakness Type
CWE-693
View all →

Vulnerability Description

Dell EMC Unity and UnityVSA versions prior to 5.0.0.0.5.116 contain a plain-text password storage vulnerability. A Unisphere user’s (including the admin privilege user) password is stored in a plain text in Unity Data Collection bundle (logs files for troubleshooting). A local authenticated attacker with access to the Data Collection bundle may use the exposed password to gain access with the privileges of the compromised user.

Related Vulnerabilities

CVE-2017-6261

HIGH
CVSS:7.8(High)

NVIDIA Vibrante Linux version 1.1, 2.0, and 2.2 contains a vulnerability in the user space driver in which protection mechanisms are insufficient, may lead to denial of service or information disclosu...

CWE-6932017

CVE-2018-11459

HIGH
CVSS:7.8(High)

A vulnerability has been identified in SINUMERIK 808D V4.7 (All versions), SINUMERIK 808D V4.8 (All versions), SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions <...

CWE-6932018

CVE-2018-11460

HIGH
CVSS:7.8(High)

A vulnerability has been identified in SINUMERIK 808D V4.7 (All versions), SINUMERIK 808D V4.8 (All versions), SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions <...

CWE-6932018

CVE-2018-9312

HIGH
CVSS:7.8(High)

The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows a local attack when a USB de...

CWE-6932018

CVE-2018-9320

HIGH
CVSS:7.8(High)

The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows a local attack when a USB de...

CWE-6932018

CVE-2018-9322

HIGH
CVSS:7.8(High)

The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows local attacks involving the ...

CWE-6932018