CVE-2015-0529

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://seclists.org/bugtraq/2015/Apr/1", "name": "20150401 ESA-2015-056: EMC PowerPath Virtual Appliance Undocumented User Accounts Vulnerability", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "BUGTRAQ"}, {"url": "http://packetstormsecurity.com/files/131250/EMC-PowerPath-Virtual-Appliance-Undocumented-User-Accounts.html", "name": "http://packetstormsecurity.com/files/131250/EMC-PowerPath-Virtual-Appliance-Undocumented-User-Accounts.html", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "EMC PowerPath Virtual Appliance (aka vApp) before 2.0 has default passwords for the (1) emcupdate and (2) svcuser accounts, which makes it easier for remote attackers to obtain potentially sensitive information via a login session."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-255"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2015-0529", "ASSIGNER": "secure@dell.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2015-04-05T01:59Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:emc:powerpath_virtual_appliance:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "1.2"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2016-08-23T18:00Z"}