CVE-2024-30473

Name of the Vulnerable Software and Affected Versions: Dell ECS versions prior to 3.8.1

Description: The issue is related to insufficient access control in the Dell EMC Elastic Cloud Storage (ECS) platform, which can be exploited by a remote attacker to elevate their privileges. A high-privileged attacker could potentially exploit this vulnerability, gaining access to unauthorized endpoints.

Recommendations: For versions prior to 3.8.1, update to version 3.8.1 or later to resolve the issue. As a temporary workaround, consider restricting access to user management functions to minimize the risk of exploitation.