{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-16T02:16:09.196","vulnerabilities":[{"cve":{"id":"CVE-2017-14384","sourceIdentifier":"security_alert@emc.com","published":"2018-03-16T20:29:00.290","lastModified":"2024-11-21T03:12:40.640","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In Dell Storage Manager versions earlier than 16.3.20, the EMConfigMigration service is affected by a directory traversal vulnerability. A remote malicious user could potentially exploit this vulnerability to read unauthorized files by supplying specially crafted strings in input parameters of the application. A malicious user cannot delete or modify any files via this vulnerability."},{"lang":"es","value":"En versiones anteriores a la 16.3.20 de Dell Storage Manager, el servicio EMConfigMigration se ha visto afectado por una vulnerabilidad de salto de directorio. Un usuario malicioso remoto podría explotar esta vulnerabilidad para leer archivos no autorizados proporcionando cadenas especialmente manipuladas en los parámetros de entrada de la aplicación. Un usuario malicioso no puede borrar o modificar archivos mediante esta vulnerabilidad."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:N/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:dell:storage_manager:*:*:*:*:*:*:*:*","versionEndExcluding":"16.3.20","matchCriteriaId":"DC143803-C9B4-4054-B171-9FBD2E77209B"}]}]}],"references":[{"url":"http://topics-cdn.dell.com/pdf/storage-sc2000_release%20notes24_en-us.pdf","source":"security_alert@emc.com","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/103467","source":"security_alert@emc.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://topics-cdn.dell.com/pdf/storage-sc2000_release%20notes24_en-us.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/103467","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]}]}}]}