Data Protection Central versions 1.0, 1.0.1, 18.1, 18.2, and 19.1 contains an Improper Certificate Chain of Trust Vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by obtaining a CA signed certificate from Data Protection Central to impersonate a valid system to compromise the integrity of data.
The product does not validate, or incorrectly validates, a certificate.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Emc_data_protection_central | Dell | 1.0 (including) | 1.0 (including) |
| Emc_data_protection_central | Dell | 1.0.1 (including) | 1.0.1 (including) |
| Emc_data_protection_central | Dell | 18.1 (including) | 18.1 (including) |
| Emc_data_protection_central | Dell | 18.2 (including) | 18.2 (including) |
| Emc_data_protection_central | Dell | 19.1 (including) | 19.1 (including) |
| Emc_integrated_data_protection_appliance | Dell | 2.0 (including) | 2.0 (including) |
| Emc_integrated_data_protection_appliance | Dell | 2.1 (including) | 2.1 (including) |
| Emc_integrated_data_protection_appliance | Dell | 2.2 (including) | 2.2 (including) |
| Emc_integrated_data_protection_appliance | Dell | 2.3 (including) | 2.3 (including) |
| Emc_integrated_data_protection_appliance | Dell | 2.4 (including) | 2.4 (including) |