mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-21 21:26:50 +02:00
0xMarcio
962 B
962 B
CVE-2018-1250
Description
Dell EMC Unity and UnityVSA versions prior to 4.3.1.1525703027 contains an Authorization Bypass vulnerability. A remote authenticated user could potentially exploit this vulnerability to read files in NAS server by directly interacting with certain APIs of Unity OE, bypassing Role-Based Authorization control implemented only in Unisphere GUI.