CVE-2015-0546 : EMC Unified Infrastructure Manager/Provisioning (UIM/P) 4.1 allows remote attack

EMC Unified Infrastructure Manager/Provisioning (UIM/P) 4.1 allows remote attackers to bypass LDAP authentication by providing a valid account name.

Published 2015-06-17 10:59:00

Updated 2025-04-12 10:46:41

Source Dell

View at NVD, CVE.org

Products affected by CVE-2015-0546

EMC » Unified Infrastructure Manager/provisioning » Version: 4.1
cpe:2.3:a:emc:unified_infrastructure_manager\/provisioning:4.1:*:*:*:*:*:*:*
Matching versions

EPSS FAQ

2.33%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 83 %

Percentile, the proportion of vulnerabilities that are scored at or less

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

http://www.securitytracker.com/id/1032589

EMC Unified Infrastructure Manager/Provisioning Authentication Flaw Lets Remote Users Access the System - SecurityTracker
http://seclists.org/bugtraq/2015/Jun/87

Bugtraq: ESA-2015-106: EMC Unified Infrastructure Manager/Provisioning (UIM/P) Authentication Bypass Vulnerability

Jump to