Dell ECS, versions prior to 3.8.0, contain(s) a Host Header Injection Vulnerability. A remote low-privileged attacker could potentially exploit this vulnerability to trigger redirections that leads to sensitive information leakage.
Metrics
Affected Vendors & Products
References
History
Mon, 09 Dec 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Mon, 09 Dec 2024 15:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Dell ECS, versions prior to 3.8.0, contain(s) a Host Header Injection Vulnerability. A remote low-privileged attacker could potentially exploit this vulnerability to trigger redirections that leads to sensitive information leakage. | |
Weaknesses | CWE-601 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: dell
Published: 2024-12-09T14:46:33.460Z
Updated: 2024-12-09T15:04:10.451Z
Reserved: 2024-06-18T01:53:34.136Z
Link: CVE-2024-38485
Vulnrichment
Updated: 2024-12-09T15:04:06.437Z
NVD
Status : Received
Published: 2024-12-09T15:15:14.110
Modified: 2024-12-09T15:15:14.110
Link: CVE-2024-38485
Redhat
No data.