CVE-2020-29502
Description
Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage Vulnerability in PowerStore X & T environments. A locally authenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Dell EMC PowerStore prior to 1.0.3.0.5.007 stores passwords in plain text, allowing a locally authenticated attacker to disclose user credentials and potentially gain elevated access.
Vulnerability
Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage Vulnerability in PowerStore X and T environments [1]. User credentials are stored in plain text, making them accessible to an attacker with local system access.
Exploitation
To exploit this vulnerability, an attacker must already be authenticated to the PowerStore system locally. The attack complexity is high, but once authenticated, the attacker can read the stored credentials from the system files or memory, revealing the passwords of other users [1].
Impact
Successful exploitation results in the disclosure of certain user credentials. The attacker can then use these credentials to access the vulnerable application with the privileges of the compromised account, potentially leading to privilege escalation and compromise of confidentiality, integrity, and availability [1].
Mitigation
Dell released a fixed version, 1.0.3.0.5.007, to address this vulnerability. Users should upgrade to this version or later. No workaround is available. The CVE is not listed on the CISA Known Exploited Vulnerabilities (KEV) catalog as of the publication date [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: <1.0.3.0.5.007
- Range: unspecified
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.dell.com/support/kbdoc/000180775mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.