Broken Authentication Vulnerability in Fujitsu Eternus Storage DX200 S4
CVE-2020-29127

9.8CRITICAL

Key Information:

Vendor: Fujitsu
Status: Eternus Storage Dx200 S4 Firmware
Vendor: CVE Published:; 30 November 2020

What is CVE-2020-29127?

A vulnerability was discovered in Fujitsu Eternus Storage DX200 S4 devices where a logged-in root user can access the portal with elevated privileges. By navigating to a specific URI, the portal remains accessible through different web browsers, potentially allowing unauthorized users to exploit the session and gain root permissions. This issue raises significant concerns regarding the security of sensitive data and systems managed by these devices, emphasizing the need for immediate attention and remediation.