Описание
Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, contain a command injection vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to execute arbitrary commands on the affected system with root privilege.
Ссылки
- Mailing ListThird Party Advisory
- Third Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
- Mailing ListThird Party Advisory
- Third Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия до 5.1.2 (исключая)Версия до 5.1.1.3 (исключая)
Одно из
cpe:2.3:a:emc:recoverpoint:*:*:*:*:*:*:*:*
cpe:2.3:a:emc:recoverpoint_for_virtual_machines:*:*:*:*:*:*:*:*
EPSS
Процентиль: 98%
0.5175
Средний
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-78
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, contain a command injection vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to execute arbitrary commands on the affected system with root privilege.
EPSS
Процентиль: 98%
0.5175
Средний
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-78