Unsolved
10 Posts
0
302
April 4th, 2022 10:00
ME4024 Storage Array, configuration for high security enviornment
We have PowerVault ME4024 Storage arrays in a high security environment. When security scans the TCP ports, they are reporting an information disclosure vulnerability on the web pages displayed on HTTP port 8080. I'm including a redacted image below of what is displayed.There is not a CVE associated with this, one of security scans labels this as a vulnerability due to the information disclosed ( one example is user = root)
If this port can be disabled, please provide instructions. If this port cannot be disabled, can I please have a reason why it is accessible without a login.
DELL-Joey C
Moderator
•
4.1K Posts
0
April 4th, 2022 19:00
Hello @946one,
I'm Joey from the social support. Unfortunately I don't have any documentation on if the port can be disable. I may need to suggest you to contact support to raise a case to engineering to check the information needed for your environment requirements. Apologies, I can't be much help on this.