CVE-2013-3278

Published: Oct 1, 2013Modified: Apr 29, 2026

4.9

Vector

AV:L/AC:L/Au:N/C:C/I:N/A:N

Exploitability: 3.9 / Impact: 6.9

Source: NVD

Description

EMC VPLEX before VPLEX GeoSynchrony 5.2 SP1 uses cleartext for storage of the LDAP/AD bind password, which allows local users to obtain sensitive information by reading the management-server configuration file.

Affected (4)

Products: Emc: Geosynchrony, Vplex Geo, Vplex Local, Vplex Metro

4 products

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Emc Geosynchrony	Up to 5.2
Emc Vplex Geo	All versions
Emc Vplex Local	All versions
Emc Vplex Metro	All versions

Related CWEs

CWE-255

References (2)

http://archives.neohapsis.com/archives/bugtraq/2013-09/0135.html

Source: security_alert@emc.com

http://archives.neohapsis.com/archives/bugtraq/2013-09/0135.html

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.