CVE-2018-15765
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Dell EMC Secure Remote Services, versions prior to 3.32.00.08, contains an Information Exposure vulnerability. The log file contents store sensitive data including executed commands to generate authentication tokens which may prove useful to an attacker for crafting malicious authentication tokens for querying the application and subsequent attacks.
Dell EMC Secure Remote Services en versiones anteriores a la 3.32.00.08 contiene una vulnerabilidad de exposición de información. El archivo de registro almacena datos sensibles incluyendo los comandos ejecutados para generar tokens de autenticación que podrían ser útiles para un atacante para que manipule tokens de autenticación maliciosos para consultar la aplicación y realizar más ataques.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2018-08-23 CVE Reserved
- 2018-10-17 CVE Published
- 2023-10-12 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (3)
URL | Tag | Source |
---|---|---|
http://www.securityfocus.com/bid/105694 | Third Party Advisory | |
http://www.securitytracker.com/id/1041877 | Third Party Advisory | |
https://seclists.org/fulldisclosure/2018/Oct/35 | Mailing List |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Dell Search vendor "Dell" | Emc Secure Remote Services Search vendor "Dell" for product "Emc Secure Remote Services" | < 3.32.00.08 Search vendor "Dell" for product "Emc Secure Remote Services" and version " < 3.32.00.08" | virtual |
Affected
|