SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure, through URL manipulation. Authenticated users in Storage, Server or combined Server+Storage administrative roles are able to access SMU configuration backup, that would normally be barred to those specific administrative roles.
Metrics
Affected Vendors & Products
History
No history.
MITRE
Status: PUBLISHED
Assigner: HITVAN
Published: 2023-12-11T17:54:11.961Z
Updated: 2024-08-02T08:35:13.612Z
Reserved: 2023-12-05T22:12:50.307Z
Link: CVE-2023-6538
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-12-11T18:15:30.250
Modified: 2023-12-14T17:02:15.203
Link: CVE-2023-6538
Redhat
No data.