CVE-2019-3751

Summary

Dell EMC Enterprise Copy Data Management (eCDM) versions 1.0, 1.1, 2.0, 2.1, and 3.0 contain a certificate validation vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to carry out a man-in-the-middle attack by supplying a crafted certificate and intercepting the victim's traffic to view or modify a victim’s data in transit.

Affected Software

VendorProductVersion RangeStatus
DELL EMCDell EMC Enterprise Copy Data Management (eCDM)1.0, 1.1, 2.0, 2.1, 3.0affected

Weaknesses

  • CWE-295: CWE-295: Improper Certificate Validation

ADP Enrichment

CVE Program Container

Additional References

References