3 results (0.008 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

DELL ECS prior to 3.8.0.2 contains an improper verification of cryptographic signature vulnerability. A network attacker with an ability to intercept the request could potentially exploit this vulnerability to modify the body data of the request. • https://www.dell.com/support/kbdoc/en-us/000212970/dsa-2023-109-dell-ecs-security-update-for-multiple-vulnerabilities • CWE-347: Improper Verification of Cryptographic Signature •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0

Dell EMC ECS versions 3.2.0.0 and 3.2.0.1 contain an authentication bypass vulnerability. A remote unauthenticated attacker could exploit this vulnerability to read and modify S3 objects by supplying specially crafted S3 requests. Dell EMC ECS en versiones 3.2.0.0 y 3.2.0.1 contiene una vulnerabilidad de omisión de autenticación. Un atacante remoto no autenticado podría explotar esta vulnerabilidad para leer y modificar objetos S3 proporcionando peticiones S3 especialmente manipuladas. • http://seclists.org/fulldisclosure/2018/Jul/1 http://www.securityfocus.com/bid/104660 • CWE-287: Improper Authentication •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

EMC Elastic Cloud Storage (ECS) before 3.1 is affected by an undocumented account vulnerability that could potentially be leveraged by malicious users to compromise the affected system. EMC Elastic Cloud Storage (ECS) en versiones anteriores a la 3.1 se ha visto afectado por una vulnerabilidad de cuenta sin documentar que podría ser aprovechada por usuarios maliciosos para comprometer el sistema afectado. • http://seclists.org/fulldisclosure/2017/Sep/74 http://www.securityfocus.com/bid/101018 • CWE-1188: Initialization of a Resource with an Insecure Default •