PT-2018-13191 · Dell Emc · Dell Emc Secure Remote Services

Publicado

2018-10-18

Atualizado

2019-10-09

CVE-2018-15765

CVSS v3.1

5.5

Média

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Dell EMC Secure Remote Services versions prior to 3.32.00.08

Description The issue allows for information exposure, where log file contents store sensitive data, including executed commands used to generate authentication tokens. This sensitive information could be useful to an attacker in crafting malicious authentication tokens for querying the application, potentially leading to subsequent attacks.

Recommendations For versions prior to 3.32.00.08, update to version 3.32.00.08 or later to resolve the issue.

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200

Identificadores relacionados

CVE-2018-15765

Produtos afetados

Dell Emc Secure Remote Services

PT-2018-13191 · Dell Emc · Dell Emc Secure Remote Services

CVE-2018-15765

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5