HIGH✓ PATCH🇬🇧 English

CVE-2024-25955

CVSS 7.2v3.1pub. 2024-03-28upd. 2025-01-27

Dell vApp Manager, versions prior to 9.2.4.9 contain a Command Injection Vulnerability. An authorized attacker could potentially exploit this vulnerability leading to an execution of an inserted command. Dell recommends customers to upgrade at the earliest opportunity.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • Dell Powermax Eem

    APP
    Dell
    5978
  • Dell Solutions Enabler Virtual Appliance

    APP
    Dell
    < 9.2.4.6
  • Dell Unisphere For Powermax Virtual Appliance

    APP
    Dell
    < 9.2.4.9
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
Command Injection
CWE
Referencje

Powiązane podatności

CVE-2025-36588HIGH8.8ten sam produkt

Dell Unisphere for PowerMax, version(s) 10.2.0.x, contain(s) an Improper Neutralization of Special Elements us...

CVE-2025-36589HIGH7.6ten sam produkt

Dell Unisphere for PowerMax, version(s) 9.2.4.x, contain(s) an Improper Restriction of XML External Entity Ref...

CVE-2025-36595HIGH7.2ten sam produkt

Dell Unisphere for PowerMax vApp, version(s) 9.2.4.x, contain(s) an Improper Neutralization of Directives in S...

CVE-2024-25946HIGH7.2ten sam produkt

Dell vApp Manager, versions prior to 9.2.4.9 contain a Command Injection Vulnerability. An authorized attacker...

CVE-2023-48663HIGH7.2ten sam produkt

Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability. A remote malicious us...