Sensitive Data Exposure in Dell ECS Streamer Products
CVE-2023-32468

5.8MEDIUM

Key Information:

Vendor: Dell
Status: Ecs Streamer
Vendor: CVE Published:; 26 July 2023

What is CVE-2023-32468?

The Dell ECS Streamer prior to version 2.0.7.1 has a vulnerability that allows remote, high-privileged users to gain unauthorized access to sensitive information included in log files. This issue can lead to potential exposure of critical data, posing significant risks to data confidentiality and privacy.

Affected Version(s)

ECS Streamer All versions prior to 2.0.7.1

References

https://www.dell.com/support/kbdoc/en-us/000215903/dsa-20...

vendor-advisory

CVSS V3.1

Score:

5.8

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 26, 2023
Vulnerability Reserved
May 9, 2023