Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Dell PowerProtect Cyber Recovery versions before 19.11.0.2 contain an authentication bypass vulnerability. A remote unauthenticated attacker may potentially access and interact with the docker registry API leading to an authentication bypass. The attacker may potentially alter the docker images leading to a loss of integrity and confidentiality
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
使用候选路径或通道进行的认证绕过
Vulnerability Title
Dell PowerProtect Cyber Recovery 授权问题漏洞
Vulnerability Description
Dell PowerProtect Cyber Recovery是美国戴尔(Dell)公司的一个网络数据恢复软件和解决方案。 Dell PowerProtect Cyber Recovery 19.11.0.2之前的版本存在安全漏洞,该漏洞源于未经身份验证的远程攻击者可能访问docker注册表API并与之交互,从而绕过身份验证。攻击者可能会修改docker映像,导致完整性和机密性受到影响。
CVSS Information
N/A
Vulnerability Type
N/A