Описание
Dell PowerPath Management Appliance, versions 3.2, 3.1, 3.0 P01, 3.0, and 2.6, use hard-coded cryptographic key. A local high-privileged malicious user may potentially exploit this vulnerability to gain access to secrets and elevate to gain higher privileges.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:dell:powerpath_management_appliance:2.6:*:*:*:*:*:*:*
cpe:2.3:a:dell:powerpath_management_appliance:3.0:-:*:*:*:*:*:*
cpe:2.3:a:dell:powerpath_management_appliance:3.0:patch_01:*:*:*:*:*:*
cpe:2.3:a:dell:powerpath_management_appliance:3.1:*:*:*:*:*:*:*
cpe:2.3:a:dell:powerpath_management_appliance:3.2:*:*:*:*:*:*:*
EPSS
Процентиль: 10%
0.00034
Низкий
8.2 High
CVSS3
6.7 Medium
CVSS3
7.2 High
CVSS2
Дефекты
CWE-321
Связанные уязвимости
github
около 4 лет назад
Dell PowerPath Management Appliance, versions 3.2, 3.1, 3.0 P01, 3.0, and 2.6, use hard-coded cryptographic key. A local high-privileged malicious user may potentially exploit this vulnerability to gain access to secrets and elevate to gain higher privileges.
EPSS
Процентиль: 10%
0.00034
Низкий
8.2 High
CVSS3
6.7 Medium
CVSS3
7.2 High
CVSS2
Дефекты
CWE-321