Dell EMC ECS CVE-2019-3766 Authentication Bypass Vulnerability

2019-09-24T00:00:00
ID SMNTC-110224
Type symantec
Reporter Symantec Security Response
Modified 2019-09-24T00:00:00

Description

Description

Dell EMC ECS is prone to an authentication-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and aid in brute-force attacks; other attacks may also be possible. Versions prior to Dell EMC ECS 3.4.0.0 are vulnerable.

Technologies Affected

  • Dell EMC ECS 3.1.0.0
  • Dell EMC ECS 3.2.0.0
  • Dell EMC ECS 3.2.0.1
  • Dell EMC ECS 3.3.0.0

Recommendations

Block external access at the network boundary, unless external parties require service.
Filter access to the affected computer at the network boundary if global access isn't needed. Restricting access to only trusted computers and networks might greatly reduce the likelihood of a successful exploit.

Deploy network intrusion detection systems to monitor network traffic for malicious activity.
Deploy a NID sensor between the network perimeter and the affected service. Flag on all requests that appear to be anomalous. Audit logs regularly for evidence of attacks.

Updates are available. Please see the references or vendor advisory for more information.