CVE-2018-1241

Summary

Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, under certain conditions, may leak LDAP password in plain-text into the RecoverPoint log file. An authenticated malicious user with access to the RecoverPoint log files may obtain the exposed LDAP password to use it in further attacks.

Affected Software

VendorProductVersion RangeStatus
Dell EMCDell EMC RecoverPointunspecified < 5.1.2affected
Dell EMCDell EMC RecoverPoint Virtual Machine (VM)unspecified < 5.1.1.3affected

Weaknesses

  • CWE-532: CWE-532: Information Exposure Through Log Files

ADP Enrichment

CVE Program Container

Additional References

References