20 matches found
CVE-2025-43992
Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an authentication bypass by assumed-immutable data vulnerability in Geo replication. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to...
EUVD-2025-209757
Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an authentication bypass by assumed-immutable data vulnerability in Geo replication. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to...
CVE-2025-43992
Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an authentication bypass by assumed-immutable data vulnerability in Geo replication. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to...
CVE-2025-43992
CVE-2025-43992 affects Dell EMC: Dell ECS versions 3.8.1.0–3.8.1.7 and Dell ObjectScale versions before 4.3.0.0. The issue is an authentication bypass via assumed-immutable data in Geo replication, allowing an unauthenticated attacker with remote access to potentially access data in transit. The ...
CVE-2025-43992
Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an authentication bypass by assumed-immutable data vulnerability in Geo replication. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to...
CVE-2025-43992
Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an authentication bypass by assumed-immutable data vulnerability in Geo replication. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to...
CVE-2025-43992
Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an authentication bypass by assumed-immutable data vulnerability in Geo replication. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to...
Dell ECS 安全漏洞
Dell ECS is an enterprise-level object storage solution from the American company Dell. Versions 3.8.1.0 to 3.8.1.7 of Dell ECS, as well as versions prior to 4.3.0.0 of Dell ObjectScale, have security vulnerabilities. These vulnerabilities stem from a certification bypass in Geo replication, whic...
PT-2026-39582
Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an authentication bypass by assumed-immutable data vulnerability in Geo replication. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to...
Virtuozzo Hybrid Infrastructure 5.4 Update 3 (5.4.3-100)
In this release, Virtuozzo Hybrid Infrastructure provides a range of new features that cover core storage, the system configuration, updates, documentation, and the compute services. Additionally, this release delivers stability improvements and addresses issues found in previous releases...
Improper Certificate Validation
Apache Pulsar is vulnerable to improper certificate validation. The vulnerability exists due to man in the middle attacks in intra-cluster connections and geo-replication connections which allows an attacker to take control of a machine between the client and the server...
GHSA-JVF3-MFXV-JCQR Apache Pulsar Broker, Proxy, and WebSocket Proxy vulnerable to Improper Certificate Validation
TLS hostname verification cannot be enabled in the Pulsar Broker's Java Client, the Pulsar Broker's Java Admin Client, the Pulsar WebSocket Proxy's Java Client, and the Pulsar Proxy's Admin Client leaving intra-cluster connections and geo-replication connections vulnerable to man in the middle...
GHSA-J3QW-G67Q-7M64 Apache Pulsar Brokers and Proxies vulnerable to Improper Certificate Validation
Apache Pulsar Brokers and Proxies create an internal Pulsar Admin Client that does not verify peer TLS certificates, even when tlsAllowInsecureConnection is disabled via configuration. The Pulsar Admin Client's intra-cluster and geo-replication HTTPS connections are vulnerable to man in the middl...
Design/Logic Flaw
TLS hostname verification cannot be enabled in the Pulsar Broker's Java Client, the Pulsar Broker's Java Admin Client, the Pulsar WebSocket Proxy's Java Client, and the Pulsar Proxy's Admin Client leaving intra-cluster connections and geo-replication connections vulnerable to man in the middle...
Virtuozzo Hybrid Infrastructure 5.2 Update 1 (5.2.1-57)
This update provides full support for Authorization Code Flow, as well as bug fixes and improvements. Vulnerability id: VSTOR-57337 It is impossible to set the disk role to "Unassigned" while joining a node to the cluster. Vulnerability id: VSTOR-57187 Unable to add an iSCSI target with multiple...
Virtuozzo Hybrid Infrastructure 5.4 Update 1 (5.4.1-59)
This update provides new features, as well as stability fixes for the compute and core storage services. Vulnerability id: VSTOR-62742 A VM creation fails with the error 'Unable to update the attachment.' Vulnerability id: VSTOR-65824 Some charts in the admin panel or Grafana dashboard may be...
Virtuozzo Hybrid Infrastructure 4.5 Update 2
This update provides bug fixes and improvements. Vulnerability id: VSTOR-44043 With backup storage geo-replication, promotion to the primary cluster fails with the error: "name 'payload' is not defined." Vulnerability id: VSTOR-43126 A deadlock is possible between atomic and non-atomic commands i...
Product update: Virtuozzo Hybrid Infrastructure 4.0 Update 1
This update provides a new feature, as well as bug fixes and improvements. Vulnerability id: VSTOR-38583 A non-admin user is unable to create volumes from the command line. Vulnerability id: VSTOR-38785 Enabled geo-replication on Backup Gateway with an S3 backend may result in a deadlock...
Low: Red Hat Enhancement Advisory: glusterfs bug fix and enhancement update
Updated glusterfs packages that fix several bugs and add various enhancements are now available. Red Hat Gluster Storage is software only scale-out storage solution that provides flexible and affordable unstructured data storage. It unifies data storage and infrastructure, increases performance,...
Low: Red Hat Security Advisory: Red Hat Storage 2.0 security, bug fix, and enhancement update #3
Updated glusterfs packages that fix multiple security issues, several bugs, and contain enhancements are now available for Red Hat Storage 2.0. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which give...