What is the severity level of CVE-2019-3746?

CVE-2019-3746 has a severity level of 8.8 (Critical).

Which versions of Dell EMC Integrated Data Protection Appliance are affected by CVE-2019-3746?

Dell EMC Integrated Data Protection Appliance versions 2.0, 2.1, and 2.2 are affected by CVE-2019-3746.

Vulnerability/
CVE-2019-3746

critical

9.8

CWE

307

27/9/2019

17/9/2024

CVE-2019-3746

First published: Fri Sep 27 2019(Updated: )

Dell EMC Integrated Data Protection Appliance versions prior to 2.3 do not limit the number of authentication attempts to the ACM API. An authenticated remote user may exploit this vulnerability to launch a brute-force authentication attack in order to gain access to the system.

Credit: security_alert@emc.com

Affected Software	Affected Version	How to fix
Dell Emc Integrated Data Protection Appliance Firmware	=2.0
Dell Emc Integrated Data Protection Appliance Firmware	=2.1
Dell Emc Integrated Data Protection Appliance Firmware	=2.2
Dell Emc Idpa Dp4400
Dell Emc Idpa Dp5800
Dell Emc Idpa Dp8300
Dell Emc Idpa Dp8800

Never miss a vulnerability like this again

Reference Links

https://www.dell.com/support/security/en-us/details/536363/DSA-2019-112-Dell-EMC-Integrated-Data-Protection-Appliance-Multiple-Vulnerabilities

Frequently Asked Questions

What is the vulnerability ID for this Dell EMC Integrated Data Protection Appliance vulnerability?
The vulnerability ID for this Dell EMC Integrated Data Protection Appliance vulnerability is CVE-2019-3746.
What is the severity level of CVE-2019-3746?
CVE-2019-3746 has a severity level of 8.8 (Critical).
How does CVE-2019-3746 affect Dell EMC Integrated Data Protection Appliance versions prior to 2.3?
CVE-2019-3746 allows an authenticated remote user to launch a brute-force authentication attack in order to gain access to the system on Dell EMC Integrated Data Protection Appliance versions prior to 2.3.
Which versions of Dell EMC Integrated Data Protection Appliance are affected by CVE-2019-3746?
Dell EMC Integrated Data Protection Appliance versions 2.0, 2.1, and 2.2 are affected by CVE-2019-3746.
How can I fix CVE-2019-3746?
To fix CVE-2019-3746, update the Dell EMC Integrated Data Protection Appliance firmware to version 2.3 or later.

collector/nvd-index
agent/type
collector/mitre-cve
source/MITRE
agent/severity
agent/references
agent/last-modified-date
agent/weakness
agent/author
agent/description
agent/event
agent/softwarecombine
agent/first-publish-date
agent/tags
vendor/dell
canonical/dell emc integrated data protection appliance firmware
version/dell emc integrated data protection appliance firmware/2.0
version/dell emc integrated data protection appliance firmware/2.1
version/dell emc integrated data protection appliance firmware/2.2
canonical/dell emc idpa dp4400
canonical/dell emc idpa dp5800
canonical/dell emc idpa dp8300
canonical/dell emc idpa dp8800

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.