CVE-2024-0157

Name of the Vulnerable Software and Affected Versions Dell Storage Resource Manager version 4.9.0.0 and below

Description The issue is related to a session fixation problem in the SRM Windows Host Agent. An unauthenticated attacker on an adjacent network could exploit this, potentially leading to the hijack of a targeted user's application session. The vulnerability may also be related to an uncontrolled resource consumption issue, which could allow a remote attacker to intercept an active user session.

Recommendations For Dell Storage Resource Manager version 4.9.0.0 and below, consider disabling the SRM Windows Host Agent as a temporary workaround until a patch is available. Restrict access to the agent to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.