CVE-2023-6538

Publication date

2023-12-11 17:54:11

Family

HITVAN

State

PUBLISHED

Description

SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure, through URL manipulation. Authenticated users in Storage, Server or combined Server+Storage administrative roles are able to access SMU configuration backup, that would normally be barred to those specific administrative roles.