Dell XtremIO X2 XMS versions prior to 6-4-1.11 contain an improper access control vulnerability. A remote read only user could potentially exploit this vulnerability to perform add/delete QoS policies which are disabled by default.
CPE | Name | Operator | Version |
---|---|---|---|
xtremio_x2_firmware | eq | < 6.4.1-11 |