Описание
DELL ESI (Enterprise Storage Integrator) for SAP LAMA, version 10.0, contains an information disclosure vulnerability in EHAC component. An remote unauthenticated attacker could potentially exploit this vulnerability by eavesdropping the network traffic to gain admin level credentials.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 10.0.0.0 (исключая)
cpe:2.3:a:dell:enterprise_storage_integrator_for_sap_landscape_management:*:*:*:*:*:*:*:*
EPSS
Процентиль: 68%
0.00578
Низкий
7.3 High
CVSS3
9.8 Critical
CVSS3
Дефекты
CWE-284
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 7.3
github
почти 2 года назад
DELL ESI (Enterprise Storage Integrator) for SAP LAMA, version 10.0, contains an improper access control vulnerability in EHAC component. A remote unauthenticated attacker could potentially exploit this vulnerability to gain unrestricted access to the SOAP APIs.
EPSS
Процентиль: 68%
0.00578
Низкий
7.3 High
CVSS3
9.8 Critical
CVSS3
Дефекты
CWE-284
NVD-CWE-noinfo