CVE-2024-38485 Information

Description

Dell ECS versions prior to 3.8.0 contain(s) a Host Header Injection Vulnerability. A remote low-privileged attacker could potentially exploit this vulnerability to trigger redirections that leads to sensitive information leakage.

Reference

https://www.dell.com/support/kbdoc/en-us/000256185/dsa-2024-331-security-update-for-dell-ecs-host-header-injection-vulnerability