Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Dell EMC XtremIO Versions prior to 6.3.3-8, contain a Cross-Site Request Forgery Vulnerability in XMS. A non-privileged attacker could potentially exploit this vulnerability, leading to a privileged victim application user being tricked into sending state-changing requests to the vulnerable application, causing unintended server operations.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
跨站请求伪造(CSRF)
Vulnerability Title
Dell EMC XtremIO 跨站请求伪造漏洞
Vulnerability Description
DELL Dell EMC XtremIO XMS是美国戴尔(DELL)公司的一套XtremIO(企业存储平台)管理软件。 Dell EMC XtremIO 6.3.3 至 6.3.8 版本存在跨站请求伪造漏洞,非特权攻击者可利用该漏洞可能会利用这个漏洞,导致有特权的受害应用程序用户被骗向脆弱的应用程序发送状态更改请求,从而导致意外的服务器操作。
CVSS Information
N/A
Vulnerability Type
N/A