CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-14384

In Dell Storage Manager versions earlier than 16.3.20, the EMConfigMigration service is affected by a directory traversal vulnerability. A remote malicious user could potentially exploit this vulnerability to read unauthorized files by supplying specially crafted strings in input parameters of the application. A malicious user cannot delete or modify any files via this vulnerability.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.048

EPSS Ranking 89.1%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.0

References

http://topics-cdn.dell.com/pdf/storage-sc2000_release%20notes24_en-us.pdf
http://www.securityfocus.com/bid/103467
http://topics-cdn.dell.com/pdf/storage-sc2000_release%20notes24_en-us.pdf
http://www.securityfocus.com/bid/103467

Products affected by CVE-2017-14384

Dell » Storage Manager » Version: Any

cpe:2.3:a:dell:storage_manager:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-14384

Products

Pricing

Contact Us