2 results (0.007 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

DELL ECS prior to 3.8.0.2 contains an improper verification of cryptographic signature vulnerability. A network attacker with an ability to intercept the request could potentially exploit this vulnerability to modify the body data of the request. • https://www.dell.com/support/kbdoc/en-us/000212970/dsa-2023-109-dell-ecs-security-update-for-multiple-vulnerabilities • CWE-347: Improper Verification of Cryptographic Signature •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0

Dell EMC ECS versions 3.2.0.0 and 3.2.0.1 contain an authentication bypass vulnerability. A remote unauthenticated attacker could exploit this vulnerability to read and modify S3 objects by supplying specially crafted S3 requests. Dell EMC ECS en versiones 3.2.0.0 y 3.2.0.1 contiene una vulnerabilidad de omisión de autenticación. Un atacante remoto no autenticado podría explotar esta vulnerabilidad para leer y modificar objetos S3 proporcionando peticiones S3 especialmente manipuladas. • http://seclists.org/fulldisclosure/2018/Jul/1 http://www.securityfocus.com/bid/104660 • CWE-287: Improper Authentication •