CVE-2023-39245
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2023-39245 is a newly discovered information disclosure vulnerability affecting DELL ESI (Enterprise Storage Integrator) for SAP LAMA, version 10.0. An attacker, without requiring authentication, can exploit this vulnerability present in the EHAC component by intercepting network traffic. The successful exploitation of this issue may result in the unauthorized disclosure of admin-level credentials, posing a significant risk to the affected systems. Organizations using this version of DELL ESI for SAP LAMA are advised to apply the necessary patches to mitigate this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.