cbcvebase.
CVE-2019-3762
published 2020-03-18

CVE-2019-3762: Data Protection Central versions 1.0, 1.0.1, 18.1, 18.2, and 19.1 contains an Improper Certificate Chain of Trust Vulnerability. A remote unauthenticated…

PriorityP342high7.5CVSS 3.1
AVNACLPRNUINSUCNIHAN
EPSS
0.65%
46.4th percentile
Data Protection Central versions 1.0, 1.0.1, 18.1, 18.2, and 19.1 contains an Improper Certificate Chain of Trust Vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by obtaining a CA signed certificate from Data Protection Central to impersonate a valid system to compromise the integrity of data.

Affected

11 ranges
VendorProductVersion rangeFixed in
delldata_protection_central
dellemc_data_protection_central
dellemc_data_protection_central
dellemc_data_protection_central
dellemc_data_protection_central
dellemc_data_protection_central
dellemc_integrated_data_protection_appliance
dellemc_integrated_data_protection_appliance
dellemc_integrated_data_protection_appliance
dellemc_integrated_data_protection_appliance
dellemc_integrated_data_protection_appliance

CVSS provenance

nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
nvdv3.07.5HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:P/A:N
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.