CVE-2018-11062
Last modified
CVE-2018-11062 is a vulnerability of currently unknown severity. Integrated Data Protection Appliance versions 2.0, 2.1, and 2.2 contain undocumented accounts named 'support' and 'admin' that are protected with default passwords. These accounts have limited privileges and can access certain system files only. EPSS estimates a 1.77% chance of exploitation in the next 30 days.
Description
Integrated Data Protection Appliance versions 2.0, 2.1, and 2.2 contain undocumented accounts named 'support' and 'admin' that are protected with default passwords. These accounts have limited privileges and can access certain system files only. A malicious user with the knowledge of the default passwords may potentially log in to the system and gain read and write access to certain system files.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Dell | Emc Integrated Data Protection Appliance | >= 2.0, <= 2.2 |
References
- http://www.securityfocus.com/bid/105764Third Party Advisory, VDB Entry
- https://seclists.org/fulldisclosure/2018/Oct/53Mailing List, Third Party Advisory
- http://www.securityfocus.com/bid/105764Third Party Advisory, VDB Entry
- https://seclists.org/fulldisclosure/2018/Oct/53Mailing List, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2018-11062?
How severe is CVE-2018-11062?
How do I fix CVE-2018-11062?
Are you affected by CVE-2018-11062?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST