Vulnerability Description
Dell EMC Secure Remote Services, versions prior to 3.32.00.08, contains an Information Exposure vulnerability. The log file contents store sensitive data including executed commands to generate authentication tokens which may prove useful to an attacker for crafting malicious authentication tokens for querying the application and subsequent attacks.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dell | Emc Secure Remote Services | < 3.32.00.08 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/105694Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1041877Third Party AdvisoryVDB Entry
- https://seclists.org/fulldisclosure/2018/Oct/35Mailing ListThird Party Advisory
- http://www.securityfocus.com/bid/105694Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1041877Third Party AdvisoryVDB Entry
- https://seclists.org/fulldisclosure/2018/Oct/35Mailing ListThird Party Advisory
FAQ
What is CVE-2018-15765?
CVE-2018-15765 is a vulnerability with a CVSS score of 3.4 (LOW). Dell EMC Secure Remote Services, versions prior to 3.32.00.08, contains an Information Exposure vulnerability. The log file contents store sensitive data including executed commands to generate authen...
How severe is CVE-2018-15765?
CVE-2018-15765 has been rated LOW with a CVSS base score of 3.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-15765?
Check the references section above for vendor advisories and patch information. Affected products include: Dell Emc Secure Remote Services.