CVE-2020-29500
Description
Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage Vulnerability in PowerStore T environments. A locally authenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Dell EMC PowerStore prior to 1.0.3.0.5.007 stores user credentials in plain text in PowerStore T environments, allowing locally authenticated attackers to disclose and misuse those credentials.
Vulnerability
Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage Vulnerability in PowerStore T environments. The vulnerability allows locally authenticated attackers to read credentials stored in plain text [1].
Exploitation
An attacker with local authenticated access to the PowerStore T system can exploit this vulnerability to retrieve certain user credentials. The attack requires high complexity but no user interaction [1].
Impact
Successful exploitation leads to disclosure of user credentials, which can then be used to access the vulnerable application with the privileges of the compromised account. This could result in high confidentiality, integrity, and availability impact, and potentially a scope change [1].
Mitigation
This vulnerability is fixed in Dell EMC PowerStore version 1.0.3.0.5.007 and later [1]. Users should upgrade to the latest version to mitigate the issue.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: <1.0.3.0.5.007
- Range: unspecified
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.dell.com/support/kbdoc/000180775mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.