Dell EMC Unity and UnityVSA versions prior to 4.3.1.1525703027 contains an Authorization Bypass vulnerability. A remote authenticated user could potentially exploit this vulnerability to read files in NAS server by directly interacting with certain APIs of Unity OE, bypassing Role-Based Authorization control implemented only in Unisphere GUI.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: dell

Published: 2018-09-28T18:00:00Z

Updated: 2024-09-17T04:04:33.853Z

Reserved: 2017-12-06T00:00:00

Link: CVE-2018-1250

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-09-28T18:29:00.973

Modified: 2019-10-09T23:38:17.177

Link: CVE-2018-1250

cve-icon Redhat

No data.