Описание
Dell EMC VxRail versions 4.7.410 and 4.7.411 contain an improper authentication vulnerability. A remote unauthenticated attacker may exploit this vulnerability to obtain sensitive information in an encrypted form.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:o:dell:vxrail_d560f_firmware:4.7.410:*:*:*:*:*:*:*
cpe:2.3:o:dell:vxrail_d560f_firmware:4.7.411:*:*:*:*:*:*:*
cpe:2.3:o:dell:vxrail_d560f_firmware:4.7.510:*:*:*:*:*:*:*
cpe:2.3:h:dell:vxrail_d560f:-:*:*:*:*:*:*:*
Конфигурация 2
Одновременно
Одно из
cpe:2.3:o:dell:vxrail_d560_firmware:4.7.410:*:*:*:*:*:*:*
cpe:2.3:o:dell:vxrail_d560_firmware:4.7.411:*:*:*:*:*:*:*
cpe:2.3:o:dell:vxrail_d560_firmware:4.7.510:*:*:*:*:*:*:*
cpe:2.3:h:dell:vxrail_d560:-:*:*:*:*:*:*:*
EPSS
Процентиль: 70%
0.00626
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-862
CWE-862
Связанные уязвимости
github
больше 3 лет назад
Dell EMC VxRail versions 4.7.410 and 4.7.411 contain an improper authentication vulnerability. A remote unauthenticated attacker may exploit this vulnerability to obtain sensitive information in an encrypted form.
EPSS
Процентиль: 70%
0.00626
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-862
CWE-862