|CVSS SCORE||10.0, (AV:N/AC:L/Au:N/C:C/I:C/A:C)|
LeftHand Virtual SAN
The flaw exists within the hydra component which listens by default on 13841/tcp. The hydra daemon is responsible for management remote operations such as user creation, snapshots, etc. Insufficient authentication is performed prior to performing administrative level tasks. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the process.