CVE-2015-6850

Published: Dec 28, 2015Modified: May 6, 2026

8.4

Vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.5 / Impact: 5.9

Source: NVD

Description

EMC VPLEX GeoSynchrony 5.4 SP1 before P3 and 5.5 before Patch 1 has a default password for the root account, which allows local users to gain privileges by leveraging a login session.

Affected (2)

Products: Emc: Vplex Geosynchrony

Emc

1 product

Vplex Geosynchrony

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Emc Vplex Geosynchrony	Version 5.4 sp1
Emc Vplex Geosynchrony	Version 5.5

Related CWEs

CWE-264

References (8)

http://packetstormsecurity.com/files/135041/EMC-VPLEX-Undocumented-Account.html

Source: security_alert@emc.com

http://seclists.org/bugtraq/2015/Dec/129

Source: security_alert@emc.com

http://www.securityfocus.com/bid/79664

Source: security_alert@emc.com

http://www.securitytracker.com/id/1034526

Source: security_alert@emc.com

http://packetstormsecurity.com/files/135041/EMC-VPLEX-Undocumented-Account.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://seclists.org/bugtraq/2015/Dec/129

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/79664

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id/1034526

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.