CVE-2018-11052

Dell EMC ECS S3 Authentication Bypass Vulnerability

CVSS 9.8 CRITICALEPSS 4.2%

Dell EMC ECS versions 3.2.0.0 and 3.2.0.1 contain an authentication bypass vulnerability. A remote unauthenticated attacker could exploit this vulnerability to read and modify S3 objects by supplying specially crafted S3 requests.

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Produtos afetados

Dell EMC · ECS

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://seclists.org/fulldisclosure/2018/Jul/1 http://www.securityfocus.com/bid/104660