High
Third-party Component |
CVEs |
More Information |
---|---|---|
Apache HTTP Server |
CVE-2024-39573, CVE-2024-38477, CVE-2024-38476, CVE-2024-38475, CVE-2024-38474, CVE-2024-38473, CVE-2023-38709 |
See NVD link below for Individual scores for each CVE. |
Java |
CVE-2024-21131, CVE-2024-21138, CVE-2024-21140, CVE-2024-21144, CVE-2024-21145, CVE-2024-21147 |
See NVD link below for Individual scores for each CVE. |
Proprietary Code CVEs |
Description |
CVSS Base Score |
CVSS Vector String |
---|---|---|---|
CVE-2024-51540 |
Dell ECS, versions prior to 3.8.1.3 contains an arithmetic overflow vulnerability exists in retention period handling of ECS. An authenticated user with bucket or object-level access and the necessary privileges could potentially exploit this vulnerability to bypass retention policies and delete objects. |
8.1 |
|
CVE-2024-52534 |
Dell ECS, version(s) prior to ECS 3.8.1.3, contain(s) an Authentication Bypass by Capture-replay vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Session theft. |
5.4 |
Proprietary Code CVEs |
Description |
CVSS Base Score |
CVSS Vector String |
---|---|---|---|
CVE-2024-51540 |
Dell ECS, versions prior to 3.8.1.3 contains an arithmetic overflow vulnerability exists in retention period handling of ECS. An authenticated user with bucket or object-level access and the necessary privileges could potentially exploit this vulnerability to bypass retention policies and delete objects. |
8.1 |
|
CVE-2024-52534 |
Dell ECS, version(s) prior to ECS 3.8.1.3, contain(s) an Authentication Bypass by Capture-replay vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Session theft. |
5.4 |
Product | Affected Versions | Remediated Versions | Link |
---|---|---|---|
Elastic Cloud Storage | Versions prior to 3.8.1.3 | Versions 3.8.1.3 or later | Click here to open an “Operating Environment Upgrade” Service Request |
Product | Affected Versions | Remediated Versions | Link |
---|---|---|---|
Elastic Cloud Storage | Versions prior to 3.8.1.3 | Versions 3.8.1.3 or later | Click here to open an “Operating Environment Upgrade” Service Request |
Revision |
Date |
Description |
---|---|---|
1.0 |
2024-12-17 |
Initial Release |
2.0 |
2024-12-25 |
Updated for enhanced format presentation with no changes to content. |