EMC NetWorker Module for MEDITECH 3.0 Build 87 - 90 Local Information Disclosure

Low Nessus Plugin ID 78823


The remote Windows host has an application installed that is affected by a local information disclosure vulnerability.


The version of EMC NetWorker (formerly Legato NetWorker) Module for MEDITECH (NMMEDI) installed on the remote host is 3.0 build 87 - 90.
It is, therefore, affected by a local information disclosure vulnerability due to RecoverPoint and Plink commands storing plaintext RecoverPoint Appliance login credentials in NMMEDI log files.


Upgrade to EMC NetWorker Module for MEDITECH 3.0 build 92 / 8.2 build 479 or later.

See Also



Plugin Details

Severity: Low

ID: 78823

File Name: emc_networker_MEDITECH_esa-2014-087.nasl

Version: $Revision: 1.2 $

Type: local

Agent: windows

Family: Windows

Published: 2014/11/03

Modified: 2015/06/23

Dependencies: 62945

Risk Information

Risk Factor: Low


Base Score: 2.1

Temporal Score: 1.8

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:emc:networker, cpe:/a:meditech:meditech

Required KB Items: installed_sw/EMC NetWorker

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2014/10/24

Vulnerability Publication Date: 2014/10/24

Reference Information

CVE: CVE-2014-4620

BID: 70726

OSVDB: 113690