Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-0645


Vulnerability Score 4.7 4.7
CVE Id CVE-2014-0645
Last Modified 17 Apr 2014 11:10:45
Published 16 Apr 2014 09:55:05
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE



EMC Cloud Tiering Appliance (CTA) 9.x through 10 SP1 and File Management Appliance (FMA) 7.x store DES password hashes for the root, super, and admin accounts, which makes it easier for context-dependent attackers to obtain sensitive information via a brute-force attack.

Vulnerable Systems


  • Emc Cloud Tiering Appliance Software 10.0

  • Emc Cloud Tiering Appliance Software 9.0

  • Emc File Management Appliance Software 7.0



FULLDISC - 20140331 EMC CTA v10.0 unauthenticated XXE with root perms

BUGTRAQ - 20140416 ESA-2014-028: EMC Cloud Tiering Appliance XML External Entity (XXE) and Information Disclosure Vulnerabilities

Last Updated: 27 May 2016 11:04:57