Описание
Dell EMC RecoverPoint versions prior to 5.1.3 and RecoverPoint for VMs versions prior to 5.2.0.2 contain an OS command injection vulnerability in the installation feature of Boxmgmt CLI. A malicious boxmgmt user may potentially be able to execute arbitrary commands as root.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 5.1.3 (исключая)Версия до 5.2.0.2 (исключая)
Одно из
cpe:2.3:a:dell:emc_recoverpoint:*:*:*:*:*:*:*:*
cpe:2.3:a:dell:recoverpoint_for_virtual_machines:*:*:*:*:*:*:*:*
EPSS
Процентиль: 12%
0.00041
Низкий
6.4 Medium
CVSS3
6.7 Medium
CVSS3
7.2 High
CVSS2
Дефекты
CWE-78
Связанные уязвимости
CVSS3: 6.7
github
больше 3 лет назад
Dell EMC RecoverPoint versions prior to 5.1.3 and RecoverPoint for VMs versions prior to 5.2.0.2 contain an OS command injection vulnerability in the installation feature of Boxmgmt CLI. A malicious boxmgmt user may potentially be able to execute arbitrary commands as root.
EPSS
Процентиль: 12%
0.00041
Низкий
6.4 Medium
CVSS3
6.7 Medium
CVSS3
7.2 High
CVSS2
Дефекты
CWE-78