CVE-2012-4610
First published: Wed Oct 31 2012(Updated: )
EMC Avamar Client for VMware 6.1 stores the cleartext server root password on the proxy client, which might allow remote attackers to obtain sensitive information by leveraging "network access" to the proxy client.
Credit: security_alert@emc.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| EMC Avamar Virtual Edition | =6.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2012-4610?
CVE-2012-4610 is classified as having a high severity due to the potential exposure of sensitive information.
How do I fix CVE-2012-4610?
To fix CVE-2012-4610, update the EMC Avamar Client for VMware to a version that does not store the server root password in cleartext.
What impact does CVE-2012-4610 have on my system?
CVE-2012-4610 can allow remote attackers to access sensitive credentials stored in cleartext, posing a significant security risk.
Is CVE-2012-4610 typically exploited in the wild?
There have been instances of CVE-2012-4610 being exploited in targeted attacks, particularly against environments using older versions of the affected software.
What should I do if I cannot update EMC Avamar to fix CVE-2012-4610?
If unable to update, consider implementing strict network access controls to limit exposure of the proxy client as a temporary mitigation for CVE-2012-4610.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/author
- agent/last-modified-date
- agent/severity
- agent/weakness
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/emc
- canonical/emc avamar virtual edition
- version/emc avamar virtual edition/6.1