CVE-2015-4056

MEDIUM

Dell VCE Vision Intelligent Operations < 2.6.4 - Credential Exposure via Weak Cryptography

Title source: llm
STIX 2.1

Description

The System Library in VCE Vision Intelligent Operations before 2.6.5 does not properly implement cryptography, which makes it easier for local users to discover credentials by leveraging administrative access.

References (1)

Core 1
Core References
Mailing List, Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://seclists.org/bugtraq/2015/Jun/91

Scores

CVSS v3 6.7
EPSS 0.0006
EPSS Percentile 18.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-310
Status published
Products (1)
dell/vce_vision_intelligent_operations < 2.6.4
Published Feb 21, 2017
Tracked Since Feb 18, 2026