CVE-2019-3751

Name of the Vulnerable Software and Affected Versions Dell EMC Enterprise Copy Data Management (eCDM) versions 1.0, 1.1, 2.0, 2.1, and 3.0

Description The issue allows an unauthenticated remote attacker to potentially carry out a man-in-the-middle attack by supplying a crafted certificate. This could enable the attacker to intercept the victim's traffic, allowing them to view or modify a victim’s data in transit.

Recommendations For versions 1.0, 1.1, 2.0, 2.1, and 3.0, update to a version that includes a fix for the certificate validation issue to prevent man-in-the-middle attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.