Vulnerability Details CVE-2013-3285
The NetWorker Management Console (NMC) in EMC NetWorker 8.0.x before 8.0.2.3, when using Active Directory/LDAP for authentication, allows remote authenticated users to discover cleartext administrator passwords via (1) unspecified NMC audit reports or (2) requests to RAP resources.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 41.4%
CVSS Severity
CVSS v2 Score 3.5
References
- http://archives.neohapsis.com/archives/bugtraq/2013-10/0150.html
- http://osvdb.org/99067
- http://www.securityfocus.com/bid/63402
- http://www.securitytracker.com/id/1029265
- http://archives.neohapsis.com/archives/bugtraq/2013-10/0150.html
- http://osvdb.org/99067
- http://www.securityfocus.com/bid/63402
- http://www.securitytracker.com/id/1029265
Products affected by CVE-2013-3285
-
cpe:2.3:a:emc:networker:8.0
-
cpe:2.3:a:emc:networker:8.0.0.1
-
cpe:2.3:a:emc:networker:8.0.0.2
-
cpe:2.3:a:emc:networker:8.0.0.3
-
cpe:2.3:a:emc:networker:8.0.0.4
-
cpe:2.3:a:emc:networker:8.0.0.5
-
cpe:2.3:a:emc:networker:8.0.0.6
-
cpe:2.3:a:emc:networker:8.0.1.3
-
cpe:2.3:a:emc:networker:8.0.1.4
-
cpe:2.3:a:emc:networker:8.0.1.5
-
cpe:2.3:a:emc:networker:8.0.1.6
-
cpe:2.3:a:emc:networker:8.0.2.0
-
cpe:2.3:a:emc:networker:8.0.2.1
-
cpe:2.3:a:emc:networker:8.0.2.2