EMC Elastic Cloud Storage (ECS) before 3.1 is affected by an undocumented account vulnerability that could potentially be leveraged by malicious users to compromise the affected system.
The product initializes or sets a resource with a default that is intended to be changed by the administrator, but the default is not secure.
Link | Tags |
---|---|
http://seclists.org/fulldisclosure/2017/Sep/74 | third party advisory mailing list |
http://www.securityfocus.com/bid/101018 | vdb entry third party advisory |