#VU13001 Man-in-the-middle attack in RecoverPoint
Published: May 23, 2018
Vulnerability identifier: #VU13001
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: N/A
CWE-ID: CWE-300
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
RecoverPoint
RecoverPoint
Software vendor:
Dell
Dell
Description
The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.
The weakness exists due to credentials are sent from the RecoverPoint server in cleartext when the LDAP simple bind configuration is used. A remote attacker can conduct man-in-the-middle attack, monitor the traffic and discover LDAP credentials which have been entrusted to the RecoverPoint and compromise a Microsoft Active Directory domain.
The weakness exists due to credentials are sent from the RecoverPoint server in cleartext when the LDAP simple bind configuration is used. A remote attacker can conduct man-in-the-middle attack, monitor the traffic and discover LDAP credentials which have been entrusted to the RecoverPoint and compromise a Microsoft Active Directory domain.
Remediation
Update to version 5.1.2 or 5.1.1.3.