PT-2023-21510 · Dell · Dell Cloudiq Collector

Publicado

2023-05-19

Atualizado

2023-05-26

CVE-2023-28045

CVSS v3.1

7.1

Alta

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

Name of the Vulnerable Software and Affected Versions Dell CloudIQ Collector version 1.10.2

Description The issue is related to a missing encryption of sensitive data, which could be exploited by an attacker with low privileges to gain access to unauthorized data.

Recommendations For Dell CloudIQ Collector version 1.10.2, consider updating to a newer version that addresses the missing encryption of sensitive data issue, however, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Missing Encryption of Sensitive Data

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-311

Identificadores relacionados

CVE-2023-28045

Produtos afetados

Dell Cloudiq Collector

PT-2023-21510 · Dell · Dell Cloudiq Collector

CVE-2023-28045

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5