Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, could allow a user to retrieve an arbitrary file from a remote host with the GetDumpFile command. In non-secure mode, the user is unauthenticated.
CPE | Name | Operator | Version |
---|---|---|---|
emulex_hba_manager | ge | 11.0.0 | |
emulex_hba_manager | lt | 11.4.425.0 | |
emulex_hba_manager | ge | 12.0.0 | |
emulex_hba_manager | lt | 12.8.542.31 |