Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2019-3762

Опубликовано: 18 мар. 2020
Источник: nvd
CVSS3: 7.5
CVSS3: 7.5
CVSS2: 5
EPSS Низкий

Описание

Data Protection Central versions 1.0, 1.0.1, 18.1, 18.2, and 19.1 contains an Improper Certificate Chain of Trust Vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by obtaining a CA signed certificate from Data Protection Central to impersonate a valid system to compromise the integrity of data.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:dell:emc_data_protection_central:1.0:*:*:*:*:*:*:*
cpe:2.3:a:dell:emc_data_protection_central:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:dell:emc_data_protection_central:18.1:*:*:*:*:*:*:*
cpe:2.3:a:dell:emc_data_protection_central:18.2:*:*:*:*:*:*:*
cpe:2.3:a:dell:emc_data_protection_central:19.1:*:*:*:*:*:*:*
cpe:2.3:a:dell:emc_integrated_data_protection_appliance:2.0:*:*:*:*:*:*:*
cpe:2.3:a:dell:emc_integrated_data_protection_appliance:2.1:*:*:*:*:*:*:*
cpe:2.3:a:dell:emc_integrated_data_protection_appliance:2.2:*:*:*:*:*:*:*
cpe:2.3:a:dell:emc_integrated_data_protection_appliance:2.3:*:*:*:*:*:*:*
cpe:2.3:a:dell:emc_integrated_data_protection_appliance:2.4:*:*:*:*:*:*:*

EPSS

Процентиль: 46%
0.00232
Низкий

7.5 High

CVSS3

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-296
CWE-295

Связанные уязвимости

github логотип

GHSA-5r88-pc2r-4575

github
больше 3 лет назад

Data Protection Central versions 1.0, 1.0.1, 18.1, 18.2, and 19.1 contains an Improper Certificate Chain of Trust Vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by obtaining a CA signed certificate from Data Protection Central to impersonate a valid system to compromise the integrity of data.

EPSS

Процентиль: 46%
0.00232
Низкий

7.5 High

CVSS3

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-296
CWE-295