CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-3736

Dell EMC Integrated Data Protection Appliance versions prior to 2.3 contain a password storage vulnerability in the ACM component. A remote authenticated malicious user with root privileges may potentially use a support tool to decrypt encrypted passwords stored locally on the system to use it to access other components using the privileges of the compromised user.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 23.7%

CVSS Severity

CVSS v3 Score 8.2

CVSS v2 Score 4.0

References

Products affected by CVE-2019-3736

Dell » Emc Idpa Dp4400 » Version: N/A

cpe:2.3:h:dell:emc_idpa_dp4400:-
Dell » Emc Idpa Dp5800 » Version: N/A

cpe:2.3:h:dell:emc_idpa_dp5800:-
Dell » Emc Idpa Dp8300 » Version: N/A

cpe:2.3:h:dell:emc_idpa_dp8300:-
Dell » Emc Idpa Dp8800 » Version: N/A

cpe:2.3:h:dell:emc_idpa_dp8800:-
Dell » Emc Integrated Data Protection Appliance Firmware » Version: 2.0

cpe:2.3:o:dell:emc_integrated_data_protection_appliance_firmware:2.0
Dell » Emc Integrated Data Protection Appliance Firmware » Version: 2.1

cpe:2.3:o:dell:emc_integrated_data_protection_appliance_firmware:2.1
Dell » Emc Integrated Data Protection Appliance Firmware » Version: 2.2

cpe:2.3:o:dell:emc_integrated_data_protection_appliance_firmware:2.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-3736

Products

Pricing

Contact Us