DSA-2021-083: Dell Unity, Dell UnityVSA, and Dell Unity XT Security Update for Multiple Vulnerabilities
Resumen:Dell Unity, Dell UnityVSA, and Dell Unity XT remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.
Seleccione un producto para comprobar la relevancia del artículo
Este artículo se aplica a Este artículo no se aplica aEste artículo no está vinculado a ningún producto específico.No se identifican todas las versiones del producto en este artículo.
Dell Unity, UnityVSA, and Unity XT versions prior to 5.0.7.0.5.008 contain a plain-text password storage vulnerability when the Dell Upgrade Readiness Utility is run on the system. The credentials of the Unisphere Administrator are stored in plain text. A local malicious user with high privileges may use the exposed password to gain access with the privileges of the compromised user.
Dell Unity, UnityVSA, and Unity XT versions prior to 5.0.7.0.5.008 contain a plain-text password storage vulnerability when the Dell Upgrade Readiness Utility is run on the system. The credentials of the Unisphere Administrator are stored in plain text. A local malicious user with high privileges may use the exposed password to gain access with the privileges of the compromised user.
Dell Technologies recomienda que todos los clientes tengan en cuenta tanto la puntuación base como cualquier otra puntuación ambiental y temporal relevante que pueda afectar la posible gravedad asociada con la vulnerabilidad de seguridad en particular.
Be sure to always use the latest version of the Dell Upgrade Readiness Utility. Older versions of the Upgrade Readiness Utility may log Unisphere Administrator credentials on Dell Unity, Dell UnityVSA, and Dell Unity XT products running on versions prior to OE 5.0.7.0.5.008. If an older version of the Upgrade Readiness Utility has been run on Dell EMC , Dell UnityVSA, and Dell Unity XT products using versions prior to OE 5.0.7.0.5.008, then change the Administrator password immediately.