CVE-2023-39245

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Feb 15, 2024
CWE ID 319

Summary

CVE-2023-39245 is a newly discovered information disclosure vulnerability affecting DELL ESI (Enterprise Storage Integrator) for SAP LAMA, version 10.0. An attacker, without requiring authentication, can exploit this vulnerability present in the EHAC component by intercepting network traffic. The successful exploitation of this issue may result in the unauthorized disclosure of admin-level credentials, posing a significant risk to the affected systems. Organizations using this version of DELL ESI for SAP LAMA are advised to apply the necessary patches to mitigate this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share