CVE-2019-3766

8.1HIGH

Key Information:

Vendor: Dell
Status: Elastic Cloud Storage
Vendor: CVE Published:; 27 September 2019

Summary

Dell EMC ECS versions prior to 3.4.0.0 contain an improper restriction of excessive authentication attempts vulnerability. An unauthenticated remote attacker may potentially perform a password brute-force attack to gain access to the targeted accounts.

Affected Version(s)

Elastic Cloud Storage prior to 3.4.0.0

References

https://www.dell.com/support/security/en-us/details/53746...

x_refsource_CONFIRM

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 27, 2019
Vulnerability Reserved
Jan 3, 2019