CVE-2023-39244

Name of the Vulnerable Software and Affected Versions DELL ESI (Enterprise Storage Integrator) for SAP LAMA version 10.0

Description The issue concerns an information disclosure vulnerability in the EHAC component of DELL ESI (Enterprise Storage Integrator) for SAP LAMA. A remote unauthenticated attacker could potentially exploit this vulnerability by eavesdropping on network traffic to gain admin-level credentials.

Recommendations For version 10.0, consider restricting access to the EHAC component to minimize the risk of exploitation. As a temporary workaround, avoid using the EHAC component until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.