DSA-2021-083: Dell Unity, Dell UnityVSA, and Dell Unity XT Security Update for Multiple Vulnerabilities
Shrnutí:Dell Unity, Dell UnityVSA, and Dell Unity XT remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.
Vyberte produkt a zkontrolujte relevanci článku
Tento článek se vztahuje na Tento článek se nevztahuje naTento článek není vázán na žádný konkrétní produkt.V tomto článku nejsou uvedeny všechny verze produktu.
Dell Unity, UnityVSA, and Unity XT versions prior to 5.0.7.0.5.008 contain a plain-text password storage vulnerability when the Dell Upgrade Readiness Utility is run on the system. The credentials of the Unisphere Administrator are stored in plain text. A local malicious user with high privileges may use the exposed password to gain access with the privileges of the compromised user.
Dell Unity, UnityVSA, and Unity XT versions prior to 5.0.7.0.5.008 contain a plain-text password storage vulnerability when the Dell Upgrade Readiness Utility is run on the system. The credentials of the Unisphere Administrator are stored in plain text. A local malicious user with high privileges may use the exposed password to gain access with the privileges of the compromised user.
Společnost Dell Technologies všem zákazníkům doporučuje vzít v úvahu základní hodnocení CVSS i všechna související hodnocení v daném čase a prostředí, která mohou mít vliv na potenciální závažnost dané konkrétní bezpečnostní hrozby.
Be sure to always use the latest version of the Dell Upgrade Readiness Utility. Older versions of the Upgrade Readiness Utility may log Unisphere Administrator credentials on Dell Unity, Dell UnityVSA, and Dell Unity XT products running on versions prior to OE 5.0.7.0.5.008. If an older version of the Upgrade Readiness Utility has been run on Dell EMC , Dell UnityVSA, and Dell Unity XT products using versions prior to OE 5.0.7.0.5.008, then change the Administrator password immediately.