CVE-2015-0529

Published: Apr 5, 2015Modified: May 6, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

EMC PowerPath Virtual Appliance (aka vApp) before 2.0 has default passwords for the (1) emcupdate and (2) svcuser accounts, which makes it easier for remote attackers to obtain potentially sensitive information via a login session.

Affected (1)

Products: Emc: Powerpath Virtual Appliance

Emc

1 product

Powerpath Virtual Appliance

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Emc Powerpath Virtual Appliance	Up to 1.2

Related CWEs

CWE-255

References (4)

http://packetstormsecurity.com/files/131250/EMC-PowerPath-Virtual-Appliance-Undocumented-User-Accounts.html

Source: security_alert@emc.com

Third Party AdvisoryVDB Entry

http://seclists.org/bugtraq/2015/Apr/1

Source: security_alert@emc.com

Third Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/131250/EMC-PowerPath-Virtual-Appliance-Undocumented-User-Accounts.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://seclists.org/bugtraq/2015/Apr/1

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

Timeline

No history available yet.