N/A

Cloud Mobility for Dell EMC Storage, versions 1.3.0.X and below contains an Improper Check for Certificate Revocation vulnerability. A threat actor does not need any specific privileges to potentially exploit this vulnerability. An attacker could perform a man-in-the-middle attack and eavesdrop on encrypted communications from Cloud Mobility to Cloud Storage devices. Exploitation could lead to the compromise of secret and sensitive information, cloud storage connection downtime, and the integrity of the connection to the Cloud devices.

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L

证书撤销验证不恰当

Dell EMC Storage信任管理问题漏洞

Dell EMC Storage是美国戴尔（Dell）公司的一种数据存储解决方案。 Dell EMC Storage 1.3.0.X版本及之前版本存在安全漏洞，该漏洞源于证书吊销检查不正确。攻击者利用该漏洞执行中间人攻击，并窃听从云移动到云存储设备的加密通信。

N/A

N/A