Unrated severityNVD Advisory· Published Oct 25, 2014· Updated May 6, 2026

CVE-2014-4623

Description

EMC Avamar 6.0.x, 6.1.x, and 7.0.x in Avamar Data Store (ADS) GEN4(S) and Avamar Virtual Edition (AVE), when Password Hardening before 2.0.0.4 is enabled, uses UNIX DES crypt for password hashing, which makes it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack.

Affected products

EMC Corporation/Avamar7 versions
cpe:2.3:a:emc:avamar:6.0.1:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:emc:avamar:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:emc:avamar:6.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:emc:avamar:6.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:emc:avamar:6.1:*:*:*:*:*:*:*
- cpe:2.3:a:emc:avamar:6.1.101-87:*:*:*:*:*:*:*
- cpe:2.3:a:emc:avamar:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:emc:avamar:7.0:sp1:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000