CVE-2023-39245

Name of the Vulnerable Software and Affected Versions DELL ESI (Enterprise Storage Integrator) for SAP LAMA version 10.0

Description The issue is an information disclosure vulnerability in the EHAC component. A remote unauthenticated attacker could potentially exploit this vulnerability by eavesdropping on network traffic to gain admin-level credentials.

Recommendations For version 10.0, consider restricting access to the EHAC component until a patch is available. As a temporary workaround, network traffic encryption and secure communication protocols should be implemented to minimize the risk of eavesdropping. At the moment, there is no information about a newer version that contains a fix for this vulnerability.