Dell Compellent Hard-Coded Key Exposes VMware vCenter Admin Creds

Hard-coded encryption key flaw in Dell's Compellent integration tools for VMware allows attackers to decrypt stored vCenter admin credentials and retrieve the clear text password. Flaw is caused by a static encryption key shared across all installs that is used to encrypt the vCenter credentials storing in the program's configuration file. August 2023 patch has been rolled out.

Play episode from 15:53

Transcript

The AI-powered Podcast Player

Save insights by tapping your headphones, chat with episodes, discover the best highlights - and more!

Get the app