CVE-2018-15765

Dell EMC Secure Remote Services, versions prior to 3.32.00.08, contains an Information Exposure vulnerability. The log file contents store sensitive data including executed commands to generate authentication tokens which may prove useful to an attacker for crafting malicious authentication tokens for querying the application and subsequent attacks.
References
Link Resource
http://www.securityfocus.com/bid/105694 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1041877 Third Party Advisory VDB Entry
https://seclists.org/fulldisclosure/2018/Oct/35 Mailing List Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:dell:emc_secure_remote_services:*:*:*:*:virtual:*:*:*

History

No history.

Information

Published : 2018-10-18 22:29

Updated : 2024-02-04 20:03


NVD link : CVE-2018-15765

Mitre link : CVE-2018-15765

CVE.ORG link : CVE-2018-15765


JSON object : View

Products Affected

dell

  • emc_secure_remote_services
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor