When logging into the SRM UI, j_security_check submits a clear text password, which is risky.

When logging into the srm UI interface, I used developer tools to capture the browser's data packets and found that j_security_check submitted a clear text password. This is a risk. Can it be improved in the next version and use encrypted passwords ? thanks!

Responses(3)

S

sniperht829

1 Rookie

•

5 Posts

0

July 25th, 2024 14:54

This risk was discovered from this SRM version: Dell SRM 5.0.1.0

DELL-Sam L

Moderator

•

7K Posts

0

July 26th, 2024 13:22

Hello sniperht829,

I can put in to see if this can be resolved in a future release.

S

sniperht829

1 Rookie

•

5 Posts

0

July 27th, 2024 07:24

@DELL-Sam L Thank you for your response. I hope to see this security vulnerability fixed in future versions. After all, most enterprises are now paying attention to network security, and such vulnerabilities are easily detected by network security tools. Thank you!

View All

No Events found!

Storage Resource Management (SRM Suite)

When logging into the SRM UI, j_security_check submits a clear text password, which is risky.