The Dell EMCs VMAX Virtual Appliance (vApp) Manager is an essential component of a wide range of the enterprise storage systems. The first flaw tracked as CVE-2018-1215 is an arbitrary file upload vulnerability that could be exploited by a remote authenticated attacker to potentially upload arbitrary maliciously crafted files in any location on the web server. The second flaw is an undocumented default account in the vApp Manager with a hard-coded password that may be used with certain web servlets to gain unauthorized access to the system.”]
Source: http://securityaffairs.co/wordpress/69128/hacking/vmax-enterprise-storage-flaws.html

