CVE-2018-15765
LOWDell EMC Secure Remote Services < 3.32.00.08 - Sensitive Information Exposure via Log File
Title source: llmDescription
Dell EMC Secure Remote Services, versions prior to 3.32.00.08, contains an Information Exposure vulnerability. The log file contents store sensitive data including executed commands to generate authentication tokens which may prove useful to an attacker for crafting malicious authentication tokens for querying the application and subsequent attacks.
References (3)
Core 3
Core References
Mailing List, Third Party Advisory mailing-list
x_refsource_fulldisc
https://seclists.org/fulldisclosure/2018/Oct/35
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/105694
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1041877
Scores
CVSS v3
3.4
EPSS
0.0014
EPSS Percentile
34.4%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
Details
CWE
CWE-200
Status
published
Products (1)
dell/emc_secure_remote_services
< 3.32.00.08
Published
Oct 18, 2018
Tracked Since
Feb 18, 2026