PT-2019-16678 · Dell Emc · Unityvsa+2
Published
2019-07-18
·
Updated
2020-08-24
·
CVE-2019-3734
CVSS v3.1
5.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
Dell EMC Unity and UnityVSA versions prior to 5.0.0.0.5.116
Description
The issue is related to an improper authorization vulnerability in the NAS Server quotas configuration. A remote authenticated Unisphere Operator could potentially exploit this to edit the quota configuration of other users.
Recommendations
For versions prior to 5.0.0.0.5.116, update to version 5.0.0.0.5.116 or later to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Dell Emc Unity
Unisphere
Unityvsa