MEDIUM✓ PATCH🇬🇧 English

CVE-2022-45103

CVSS 6.5v3.1pub. 2023-01-18upd. 2024-11-21

Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 9.2.3.x contain an information disclosure vulnerability. A low privileged remote attacker could potentially exploit this vulnerability, leading to read arbitrary files on the underlying file system.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  • Dell Emc Solutions Enabler Virtual Appliance

    APP
    Dell
    < 9.2.3.6
  • Dell Emc Unisphere For Powermax

    APP
    Dell
    < 9.2.3.2210.0.0.0 – 10.0.0.5 (bez)
  • Dell Emc Unisphere For Powermax Virtual Appliance

    APP
    Dell
    < 9.2.3.22
  • Dell Emc Vasa Provider Virtual Appliance

    APP
    Dell
    < 9.2.4.15
  • Dell Powermax Os

    OS
    Dell
    5978
  • Dell Solutions Enabler

    APP
    Dell
    10.0.0.0 – 10.0.0.5 (bez)< 9.2.3.6
  • Dell Unisphere 360

    APP
    Dell
    < 9.2.3.12
  • Dell Vasa Provider

    APP
    Dell
    < 9.2.4.22
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Referencje

Powiązane podatności

CVE-2018-1183CRITICAL9.8ten sam produkt

In Dell EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.8, Dell EMC Solutions Enabler Virtual...

CVE-2018-1216CRITICAL9.8ten sam produkt

A hard-coded password vulnerability was discovered in vApp Manager which is embedded in Dell EMC Unisphere for...

CVE-2017-4997CRITICAL9.8ten sam produkt

EMC VASA Provider Virtual Appliance versions 8.3.x and prior has an unauthenticated remote code execution vuln...

CVE-2023-48660HIGH7.5ten sam produkt

Dell vApp Manger, versions prior to 9.2.4.x contain an arbitrary file read vulnerability. A remote attacker c...

CVE-2023-48662HIGH7.2ten sam produkt

Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability. A remote malicious us...