PT-2018-10289 · Dell Emc · Dell Emc Vplex Geosynchrony

Published

2018-09-11

Updated

2019-10-09

CVE-2018-11078

CVSS v3.1

7.5

High

Vector

AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Dell EMC VPlex GeoSynchrony versions prior to 6.1

Description The issue allows a remote authenticated malicious user to read from VPN configuration files, potentially authoring a man-in-the-middle (MITM) attack on the VPN traffic.

Recommendations For versions prior to 6.1, update to version 6.1 or later to resolve the issue.

Fix

Incorrect Permission

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-732

Related Identifiers

CVE-2018-11078

Affected Products

Dell Emc Vplex Geosynchrony

PT-2018-10289 · Dell Emc · Dell Emc Vplex Geosynchrony

CVE-2018-11078

Weakness Enumeration

Related Identifiers

Affected Products

References · 4