Dell Emc Elastic Cloud Storage vulnerabilities
3 known vulnerabilities affecting dell/emc_elastic_cloud_storage.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2019-3766P2CRITICALCVSS 9.8fixed in 3.4.0.02019-09-27
CVE-2019-3766 [CRITICAL] CWE-307 CVE-2019-3766: Dell EMC ECS versions prior to 3.4.0.0 contain an improper restriction of excessive authentication a
Dell EMC ECS versions prior to 3.4.0.0 contain an improper restriction of excessive authentication attempts vulnerability. An unauthenticated remote attacker may potentially perform a password brute-force attack to gain access to the targeted accounts.
nvd
CVE-2020-5386P3HIGHCVSS 7.5fixed in 3.5.0.02020-09-02
CVE-2020-5386 [HIGH] CWE-668 CVE-2020-5386: Dell EMC ECS, versions prior to 3.5, contains an Exposure of Resource vulnerability. A remote unauth
Dell EMC ECS, versions prior to 3.5, contains an Exposure of Resource vulnerability. A remote unauthenticated attacker can access the list of DT (Directory Table) objects of all internally running services and gain knowledge of sensitive data of the system.
nvd
CVE-2020-5317P4MEDIUMCVSS 4.8fixed in 3.4.0.12020-02-06
CVE-2020-5317 [MEDIUM] CWE-79 CVE-2020-5317: Dell EMC ECS versions prior to 3.4.0.1 contain an XSS vulnerability. A remote authenticated maliciou
Dell EMC ECS versions prior to 3.4.0.1 contain an XSS vulnerability. A remote authenticated malicious user could exploit this vulnerability to store malicious HTML or JavaScript code in a trusted application data store. When victim users access the data store through their browsers, the malicious code gets executed by the web browser in the context of
nvd