← back
CVE-2018-11078

CVE-2018-11078

CVSS 4 MEDIUMEPSS 0.8%
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 4EPSS 0.8%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
11 Sep 2018Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Dell EMC VPlex GeoSynchrony, versions prior to 6.1, contains an Insecure File Permissions vulnerability. A remote authenticated malicious user could read from VPN configuration files on and potentially author a MITM attack on the VPN traffic.
CVSS:3.0/AV:A/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N
Affected products
DELL EMC · VPlex Software: GeoSynchrony

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://seclists.org/fulldisclosure/2018/Sep/10http://www.securitytracker.com/id/1041613