CVE-2019-3751

MEDIUM

Dell EMC Enterprise Copy Data Management <=3.0 - Unauthenticated MITM via Certificate Validation Bypass

Title source: llm
STIX 2.1

Description

Dell EMC Enterprise Copy Data Management (eCDM) versions 1.0, 1.1, 2.0, 2.1, and 3.0 contain a certificate validation vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to carry out a man-in-the-middle attack by supplying a crafted certificate and intercepting the victim's traffic to view or modify a victim’s data in transit.

References (1)

Core 1

Scores

CVSS v3 6.4
EPSS 0.0010
EPSS Percentile 28.0%
Attack Vector ADJACENT_NETWORK
CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

Details

CWE
CWE-295
Status published
Products (5)
dell/emc_enterprise_copy_data_management 1.0
dell/emc_enterprise_copy_data_management 1.1
dell/emc_enterprise_copy_data_management 2.0
dell/emc_enterprise_copy_data_management 2.1
dell/emc_enterprise_copy_data_management 3.0
Published Sep 03, 2019
Tracked Since Feb 18, 2026