MEDIUM🇬🇧 English

CVE-2018-1242

CVSS 6.5v3.0pub. 2018-05-29upd. 2024-11-21

Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, contains a command injection vulnerability in the Boxmgmt CLI. An authenticated malicious user with boxmgmt privileges may potentially exploit this vulnerability to read RPA files. Note that files that require root permission cannot be read.

oryginał EN
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  • Emc Recoverpoint

    APP
    Emc
    < 5.1.2
  • Emc Recoverpoint For Virtual Machines

    APP
    Emc
    < 5.1.1.3
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Command Injection
CWE
Referencje

Powiązane podatności

CVE-2018-1235CRITICAL9.8ten sam produkt

Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, contain a co...

CVE-2018-1241HIGH8.8ten sam produkt

Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, under certai...

CVE-2016-6650HIGH7.5ten sam produkt

EMC RecoverPoint versions prior to 5.0 and EMC RecoverPoint for Virtual Machines versions prior to 5.0 have an...

CVE-2015-4526HIGH7.2ten sam produkt

EMC RecoverPoint for Virtual Machines (VMs) 4.2 allows local users to obtain root-shell access by bypassing th...

CVE-2018-15771MEDIUM5.5ten sam produkt

Dell EMC RecoverPoint versions prior to 5.1.2.1 and RecoverPoint for VMs versions prior to 5.2.0.2 contain an ...