Описание
Dell EMC XtremIO XMS versions prior to 6.3.0 contain an incorrect permission assignment vulnerability. A malicious local user with XtremIO xinstall privileges may exploit this vulnerability to gain root access.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 6.3.0 (исключая)
cpe:2.3:a:dell:xtremio_management_server:*:*:*:*:*:*:*:*
EPSS
Процентиль: 29%
0.00103
Низкий
6.7 Medium
CVSS3
6.7 Medium
CVSS3
7.2 High
CVSS2
Дефекты
CWE-732
CWE-732
Связанные уязвимости
github
больше 3 лет назад
Dell EMC XtremIO XMS versions prior to 6.3.0 contain an incorrect permission assignment vulnerability. A malicious local user with XtremIO xinstall privileges may exploit this vulnerability to gain root access.
EPSS
Процентиль: 29%
0.00103
Низкий
6.7 Medium
CVSS3
6.7 Medium
CVSS3
7.2 High
CVSS2
Дефекты
CWE-732
CWE-732