CVE-2018-11052 – Dell EMC ECS S3 Authentication Bypass Vulnerability

https://notcve.org/view.php?id=CVE-2018-11052

Dell EMC ECS versions 3.2.0.0 and 3.2.0.1 contain an authentication bypass vulnerability. A remote unauthenticated attacker could exploit this vulnerability to read and modify S3 objects by supplying specially crafted S3 requests. Dell EMC ECS en versiones 3.2.0.0 y 3.2.0.1 contiene una vulnerabilidad de omisión de autenticación. Un atacante remoto no autenticado podría explotar esta vulnerabilidad para leer y modificar objetos S3 proporcionando peticiones S3 especialmente manipuladas. • http://seclists.org/fulldisclosure/2018/Jul/1 http://www.securityfocus.com/bid/104660 • CWE-287: Improper Authentication •