← back
CVE-2018-15765

CVE-2018-15765

CVSS 3.4 LOWEPSS 0.4%
Vexday Risk Score
8Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 3.4EPSS 0.4%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
18 Oct 2018Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Dell EMC Secure Remote Services, versions prior to 3.32.00.08, contains an Information Exposure vulnerability. The log file contents store sensitive data including executed commands to generate authentication tokens which may prove useful to an attacker for crafting malicious authentication tokens for querying the application and subsequent attacks.
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
Affected products
DELL EMC · ESRS Virtual Edition

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://seclists.org/fulldisclosure/2018/Oct/35http://www.securityfocus.com/bid/105694http://www.securitytracker.com/id/1041877