Main Vulnerability Database Vulnerabilities #VU76445

#VU76445 Improper Verification of Cryptographic Signature in EMC ECS - CVE-2023-25934

Published: May 23, 2023

Vulnerability identifier: #VU76445

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2023-25934

CWE-ID: CWE-347

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
EMC ECS

Software vendor:
Dell

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a bimproper verification of cryptographic signature. A remote unauthenticated attacker with an ability to intercept the request can exploit this vulnerability to modify the body data of the request.

Remediation

Install updates from vendor's website.

External links

https://www.dell.com/support/kbdoc/en-us/000212970/dsa-2023-109-dell-ecs-security-update-for-multiple-vulnerabilities

#VU76445 Improper Verification of Cryptographic Signature in EMC ECS - CVE-2023-25934

Description

Remediation

External links

Please verify you're human