CVE-2017-10949

EPSS 5.4%

Vexday Risk Score

3Baixo

Decisão SSVC (CISA)

Track

Sem sinal de exploração → monitorar

CVSS —EPSS 5.4%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

04 ago 2017Publicada no NVD

Recomendação: Monitorar — sem sinal de exploração no momento.

Directory Traversal in Dell Storage Manager 2016 R2.1 causes Information Disclosure when the doGet method of the EmWebsiteServlet class doesn't properly validate user provided path before using it in file operations. Was ZDI-CAN-4459.

Produtos afetados

Zero Day Initiative · Dell Storage Manager

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://topics-cdn.dell.com/pdf/dell-compellent-sc8000_release%20notes24_en-us.pdf http://www.securityfocus.com/bid/100138 http://www.zerodayinitiative.com/advisories/ZDI-17-523