CVE-2018-15765
3.4
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
Summary
Dell EMC Secure Remote Services, versions prior to 3.32.00.08, contains an Information Exposure vulnerability. The log file contents store sensitive data including executed commands to generate authentication tokens which may prove useful to an attacker for crafting malicious authentication tokens for querying the application and subsequent attacks.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| DELL EMC | ESRS Virtual Edition | unspecified < 3.32.00.08 | affected |
Weaknesses
- Information Exposure Vulnerability
ADP Enrichment
CVE Program Container
Additional References
- https://seclists.org/fulldisclosure/2018/Oct/35
- http://www.securityfocus.com/bid/105694
- http://www.securitytracker.com/id/1041877
References
- https://seclists.org/fulldisclosure/2018/Oct/35
- http://www.securityfocus.com/bid/105694
- http://www.securitytracker.com/id/1041877
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.