Man-in-the-middle attack in RecoverPoint - #VU13001
Published: May 23, 2018
Vulnerability identifier: #VU13001
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: N/A
CWE-ID: CWE-300
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Dell
Affected software:
RecoverPoint
RecoverPoint
Detailed vulnerability description
The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.
The weakness exists due to credentials are sent from the RecoverPoint server in cleartext when the LDAP simple bind configuration is used. A remote attacker can conduct man-in-the-middle attack, monitor the traffic and discover LDAP credentials which have been entrusted to the RecoverPoint and compromise a Microsoft Active Directory domain.
The weakness exists due to credentials are sent from the RecoverPoint server in cleartext when the LDAP simple bind configuration is used. A remote attacker can conduct man-in-the-middle attack, monitor the traffic and discover LDAP credentials which have been entrusted to the RecoverPoint and compromise a Microsoft Active Directory domain.
Remediation
Update to version 5.1.2 or 5.1.1.3.