Incorrect access control in the Dashboard API on Drobo 5N2 NAS version 4.0.5-13.28.96115 allows attackers to bypass authentication due to insecure token generation.
References
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2018-12-03 14:29
Updated : 2020-03-13 11:15
NVD link : CVE-2018-14709
Mitre link : CVE-2018-14709
JSON object : View
CWE
CWE-287
Improper Authentication
Products Affected
drobo
- 5n2_firmware
- 5n2