CVE-2019-3734EMC Unity vulnerability

4 documents4 sources
Severity
4.3MEDIUMNVD
CNA5.4
EPSS
0.1%
top 67.65%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Dell EMC UnityDell EMC Unity Operating EnvironmentDell EMC Unityvsa Operating Environment
Timeline
PublishedJul 18
Latest updateMay 24

Description

Dell EMC Unity and UnityVSA versions prior to 5.0.0.0.5.116 contain an improper authorization vulnerability in NAS Server quotas configuration. A remote authenticated Unisphere Operator could potentially exploit this vulnerability to edit quota configuration of other users.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages3 packages

CVEListV5dell_emc/unity5.05.0.0.0.5.116

🔴Vulnerability Details

2
GHSA
GHSA-fq6w-66h9-rc8g: Dell EMC Unity and UnityVSA versions prior to 52022-05-24
CVEList
CVE-2019-3734: Dell EMC Unity and UnityVSA versions prior to 52019-07-18

💬Community

1
Bugzilla
CVE-2019-10051 suricata: denial of service in function filetracker_newchunk2019-08-29
CVE-2019-3734 — Dell EMC Unity vulnerability | cvebase