CVE-2017-14384

Name of the Vulnerable Software and Affected Versions: Dell Storage Manager versions prior to 16.3.20

Description: The issue affects the EMConfigMigration service, allowing a remote malicious user to potentially exploit a directory traversal vulnerability. This could enable the user to read unauthorized files by providing specially crafted strings in input parameters. However, the vulnerability does not permit file deletion or modification.

Recommendations: For versions prior to 16.3.20, update to version 16.3.20 or later to resolve the issue. As a temporary workaround, consider restricting access to the EMConfigMigration service to minimize the risk of exploitation.