Описание
Dell EMC RecoverPoint versions prior to 5.1.2.1 and RecoverPoint for VMs versions prior to 5.2.0.2 contain an information disclosure vulnerability. A malicious boxmgmt user may potentially be able to determine the existence of any system file via Boxmgmt CLI.
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Mailing ListThird Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Mailing ListThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 5.1.2.1 (исключая)Версия до 5.2.0.2 (исключая)
Одно из
cpe:2.3:a:emc:recoverpoint:*:*:*:*:*:*:*:*
cpe:2.3:a:emc:recoverpoint_for_virtual_machines:*:*:*:*:*:*:*:*
EPSS
Процентиль: 24%
0.0008
Низкий
5.5 Medium
CVSS3
4.9 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
CVSS3: 5.5
github
больше 3 лет назад
Dell EMC RecoverPoint versions prior to 5.1.2.1 and RecoverPoint for VMs versions prior to 5.2.0.2 contain an information disclosure vulnerability. A malicious boxmgmt user may potentially be able to determine the existence of any system file via Boxmgmt CLI.
EPSS
Процентиль: 24%
0.0008
Низкий
5.5 Medium
CVSS3
4.9 Medium
CVSS2
Дефекты
CWE-200