Improper Authorization Vulnerability in Dell EMC Unity and UnityVSA

Improper Authorization Vulnerability in Dell EMC Unity and UnityVSA

CVE-2019-3734 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:P/A:N

Dell EMC Unity and UnityVSA versions prior to 5.0.0.0.5.116 contain an improper authorization vulnerability in NAS Server quotas configuration. A remote authenticated Unisphere Operator could potentially exploit this vulnerability to edit quota configuration of other users.

Learn more about our Cis Benchmark Audit For Server Software.