Описание
Dell PowerScale OneFS 8.1.0 - 9.1.0 contains an LDAP Provider inability to connect over TLSv1.2 vulnerability. It may make it easier to eavesdrop and decrypt such traffic for a malicious actor. Note: This does not affect clusters which are not relying on an LDAP server for the authentication provider.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:dell:emc_powerscale_onefs:8.1.0:*:*:*:*:*:*:*
cpe:2.3:o:dell:emc_powerscale_onefs:8.1.1:*:*:*:*:*:*:*
cpe:2.3:o:dell:emc_powerscale_onefs:8.1.2:*:*:*:*:*:*:*
cpe:2.3:o:dell:emc_powerscale_onefs:8.2.2:*:*:*:*:*:*:*
EPSS
Процентиль: 33%
0.00129
Низкий
7.5 High
CVSS3
9.1 Critical
CVSS3
6.4 Medium
CVSS2
Дефекты
CWE-326
CWE-319
Связанные уязвимости
CVSS3: 9.1
github
больше 3 лет назад
Dell PowerScale OneFS 8.1.0 - 9.1.0 contains an LDAP Provider inability to connect over TLSv1.2 vulnerability. It may make it easier to eavesdrop and decrypt such traffic for a malicious actor. Note: This does not affect clusters which are not relying on an LDAP server for the authentication provider.
EPSS
Процентиль: 33%
0.00129
Низкий
7.5 High
CVSS3
9.1 Critical
CVSS3
6.4 Medium
CVSS2
Дефекты
CWE-326
CWE-319