EMC VASA Provider Virtual Appliance versions 8.3.x and prior has an unauthenticated remote code execution vulnerability that could potentially be exploited by malicious users to compromise the affected system.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HDell Emc Vasa Provider Virtual Appliance
APPDell≤ 8.3.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
Related vulnerabilities
CVE-2018-1183CRITICAL9.8ten sam produkt
In Dell EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.8, Dell EMC Solutions Enabler Virtual...
CVE-2022-45103MEDIUM6.5ten sam produkt
Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 9.2.3.x contain an in...
CVE-2026-22769CRITICAL10.0⚠ KEVPL ✓ten sam vendor
Dell RecoverPoint for VMs — zahardkodowane dane uwierzytelniające (RCE, root)
CVE-2026-41120CRITICAL9.8PL ✓ten sam vendor
RCE w Dell Wyse Management Suite — akceptacja niezaufanych danych
CVE-2026-40636CRITICAL9.8PL ✓ten sam vendor
Dell ECS / ObjectScale — podatność hard-coded credentials umożliwiająca dostęp do systemu plików