Unrated severityNVD Advisory· Published Oct 25, 2014· Updated Jun 17, 2026
CVE-2014-4623
CVE-2014-4623
Description
EMC Avamar 6.0.x, 6.1.x, and 7.0.x in Avamar Data Store (ADS) GEN4(S) and Avamar Virtual Edition (AVE), when Password Hardening before 2.0.0.4 is enabled, uses UNIX DES crypt for password hashing, which makes it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack.
Affected products
8cpe:2.3:a:emc:avamar:6.0.1:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:emc:avamar:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:emc:avamar:6.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:emc:avamar:6.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:emc:avamar:6.1:*:*:*:*:*:*:*
- cpe:2.3:a:emc:avamar:6.1.101-87:*:*:*:*:*:*:*
- cpe:2.3:a:emc:avamar:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:emc:avamar:7.0:sp1:*:*:*:*:*:*
- (no CPE)range: 6.0.x, 6.1.x, 7.0.x
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.