3 matches found
CVE-2019-3766
Dell EMC ECS CVE-2019-3766 affects Dell EMC ECS versions prior to 3.4.0.0 and is due to an improper restriction of excessive authentication attempts. An unauthenticated remote attacker could perform a password brute-force to gain access to targeted accounts. The vulnerability is rated HIGH/CRITIC...
CVE-2020-5317
Dell EMC ECS is affected by a Cross‑Site Scripting (XSS) vulnerability in versions prior to 3.4.0.1. A remote authenticated attacker can store malicious HTML/JavaScript in a trusted application data store, which executes in victims’ browsers when accessing the data store. A fixed version is 3.4.0...
CVE-2020-5386
Dell EMC Elastic Cloud Storage (ECS) prior to version 3.5 contains an Exposure of Resource vulnerability. An unauthenticated remote attacker can access the list of DT (Directory Table) objects for all internal running services, gaining knowledge of sensitive system data due to improper management...