CVE-2014-4623

Severity CVSS v4.0:
Pending analysis
Type:
CWE-310 Cryptographic Issues
Publication date:
25/10/2014
Last modified:
12/04/2025

Description

EMC Avamar 6.0.x, 6.1.x, and 7.0.x in Avamar Data Store (ADS) GEN4(S) and Avamar Virtual Edition (AVE), when Password Hardening before 2.0.0.4 is enabled, uses UNIX DES crypt for password hashing, which makes it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:emc:avamar:6.0.1:*:*:*:*:*:*:*
cpe:2.3:a:emc:avamar:6.0.2:*:*:*:*:*:*:*
cpe:2.3:a:emc:avamar:6.0.3:*:*:*:*:*:*:*
cpe:2.3:a:emc:avamar:6.1:*:*:*:*:*:*:*
cpe:2.3:a:emc:avamar:6.1.101-87:*:*:*:*:*:*:*
cpe:2.3:a:emc:avamar:7.0:*:*:*:*:*:*:*
cpe:2.3:a:emc:avamar:7.0:sp1:*:*:*:*:*:*