Vulnerability Details CVE-2018-1241
Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, under certain conditions, may leak LDAP password in plain-text into the RecoverPoint log file. An authenticated malicious user with access to the RecoverPoint log files may obtain the exposed LDAP password to use it in further attacks.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 73.2%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 4.0
References
Products affected by CVE-2018-1241
-
cpe:2.3:a:emc:recoverpoint:4.4.1.0
-
cpe:2.3:a:emc:recoverpoint:4.4.1.1
-
cpe:2.3:a:emc:recoverpoint:5.0
-
cpe:2.3:a:emc:recoverpoint:5.0.1.3
-
cpe:2.3:a:emc:recoverpoint:5.1.0.0
-
cpe:2.3:a:emc:recoverpoint_for_virtual_machines:4.0
-
cpe:2.3:a:emc:recoverpoint_for_virtual_machines:4.4.1.1
-
cpe:2.3:a:emc:recoverpoint_for_virtual_machines:5.1.1