This security bulletin contains one high risk vulnerability.
Exploit availability: NoDescription
The vulnerability allows a remote attacker to gain full access to vulnerable system.
The vulnerability exists due to different installations share a static encryption key. A remote unauthenticated attacker can use the static key to craft a valid session token and access the affected system using the hard-coded credentials.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.Mitigation
Install update from vendor's website.Vulnerable software versions
Dell EMC Connectrix DCNM: 11.0(1) - 11.3(1)
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?