CVE-2014-0645

EMC Cloud Tiering Appliance 9.x-10 SP1 and File Management Appliance 7.x - Weak Password Hash Storage

Title source: llm
STIX 2.1

Description

EMC Cloud Tiering Appliance (CTA) 9.x through 10 SP1 and File Management Appliance (FMA) 7.x store DES password hashes for the root, super, and admin accounts, which makes it easier for context-dependent attackers to obtain sensitive information via a brute-force attack.

References (3)

Core 3
Core References
Third Party Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2014-04/0094.html
Various Sources x_refsource_misc
https://gist.github.com/brandonprry/9895721
Mailing List mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2014/Mar/426

Scores

EPSS 0.0007
EPSS Percentile 21.2%

Details

CWE
CWE-255
Status published
Products (5)
emc/cloud_tiering_appliance
emc/cloud_tiering_appliance_software 9.0
emc/cloud_tiering_appliance_software 10.0 (2 CPE variants)
emc/file_management_appliance
emc/file_management_appliance_software 7.0
Published Apr 17, 2014
Tracked Since Feb 18, 2026