EMC Cloud Tiering Appliance (CTA) 绕过身份验证漏洞
EMC Cloud Tiering Appliance (CTA) 绕过身份验证漏洞
发布日期:2012-08-28
更新日期:2012-08-30
受影响系统:
EMC Cloud Tiering Appliance (CTA) <= 9.0
EMC Cloud Tiering Appliance (CTA) <= 7.4
EMC Cloud Tiering Appliance Virtual Edition (CTA/VE) <= 9.0
EMC Cloud Tiering Appliance Virtual Edition (CTA/VE) <= 7.4
描述:
--------------------------------------------------------------------------------
BUGTRAQ ID: 55250
CVE ID: CVE-2012-2285
EMC Cloud Tiering Appliance整合了EMC VNX 和EMC Atmos,通过实施分层储存策略自动分层待用文件至云端。
EMC Cloud Tiering Appliance (CTA)在实现上存在安全限制绕过漏洞,成功利用后可允许攻击者绕过身份验证并获取管理员权限。
<*来源:shiftnumbers.com
*>
建议:
--------------------------------------------------------------------------------
厂商补丁:
EMC
---
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
http://www.emc.com/archiving/cloud-tiering-appliance.htm
评论暂时关闭