#VU13000 Privilege escalation in RecoverPoint
Vulnerability identifier: #VU13000
Vulnerability risk: Low
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-259
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
RecoverPoint
Client/Desktop applications /
Multimedia software
Vendor: Dell
Description
The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.
The weakness exists due to the root account password for RecoverPoint's underlying linux operating system is a hardcoded password set. A remote attacker with knowledge of the root password of one device can log in at the local console, gain root privileges and control over all of the devices.
Mitigation
Update to version 5.1.2 or 5.1.1.3.
Vulnerable software versions
RecoverPoint: All versions
External links
http://www.foregenix.com/blog/foregenix-identify-multiple-dellemc-recoverpoint-zero-day-vulnerabili...
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
