Digital Defense Discovers Zero-Day Vulnerability In Dell EqualLogic Storage Solution
A remote unauthenticated attacker could potentially leverage the vulnerability to retrieve system files
April 16, 2013
PRESS RELEASE
SAN ANTONIO, April 15, 2013 /PRNewswire/ -- Digital Defense, Inc. (DDI), a leading provider of managed cloud-based security risk assessments, announced a zero-day finding, discovered by the company's Vulnerability Research Team (VRT).
The flaw is a directory traversal which resides in the Dell EqualLogic solution.
A remote unauthenticated attacker could potentially leverage the vulnerability to retrieve system files. This security issue was revealed using DDI's patent-pending vulnerability scanning technology.
Dell has been swift in responding to the issue, stating that the vulnerability will be addressed in both the next maintenance release of the firmware, version 6.0.4, and in the next major firmware version. Dell plans to release the updated firmware on April 15, 2013 and has stated that it will be available to customers with valid support agreements through the EqualLogic support website https://support.equallogic.com/ EqualLogic customers are encouraged to update their systems in a timely manner to mitigate any potential risk associated with the vulnerability.
Larry Hurtado, DDI President & CEO, states, "Zero-Day Vulnerabilities, those flaws which have not been previously identified, add significant risk to a company's security of critical information assets. The delivery of our solutions through a cloud-based platform, coupled with a research team that is continuously extracting and analyzing data, enables a heightened level of security for our clients."
DDI's continues to demonstrate the strength of the organization's research expertise through multiple Zero-day discoveries over the past 12 months including those within widely used platforms such as VMware®, Novell® and Epicor®. This Decisive Security Intelligence is improving the security posture of organizations across the globe.
In addition to security intelligence, DDI is gaining recognition for their unique approach to evaluating organizational security through risk assessments and security awareness education. The company was recently featured in a Wall Street Journal article.
About Digital Defense
Founded in 1999, Digital Defense, Inc. (DDI) is the premier provider of managed security risk assessment solutions protecting billions in assets for small businesses to Fortune companies in over 65 countries. DDI's dedicated team of experts helps organizations establish a culture of security through regular information security assessments, awareness education and Decisive Security Intelligence. This proven method bolsters the capability of organizations to reduce risk and keep information, intellectual property and reputations secure.
The combination of DDI's certified Security Analysts, patent-pending scanning technology and proprietary cloud-based vulnerability management system,
Frontline(TM) Solutions Platform, delivers the most powerful assessment results and remediation management solutions possible.
You May Also Like