MEDIUM🇵🇱 Wersja polska

CVE-2018-1242

CVSS 6.5v3.0pub. 2018-05-29upd. 2024-11-21

Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, contains a command injection vulnerability in the Boxmgmt CLI. An authenticated malicious user with boxmgmt privileges may potentially exploit this vulnerability to read RPA files. Note that files that require root permission cannot be read.

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  • Emc Recoverpoint

    APP
    Emc
    < 5.1.2
  • Emc Recoverpoint For Virtual Machines

    APP
    Emc
    < 5.1.1.3
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Command Injection
CWE
References

Related vulnerabilities

CVE-2018-1235CRITICAL9.8ten sam produkt

Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, contain a co...

CVE-2018-1241HIGH8.8ten sam produkt

Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, under certai...

CVE-2016-6650HIGH7.5ten sam produkt

EMC RecoverPoint versions prior to 5.0 and EMC RecoverPoint for Virtual Machines versions prior to 5.0 have an...

CVE-2015-4526HIGH7.2ten sam produkt

EMC RecoverPoint for Virtual Machines (VMs) 4.2 allows local users to obtain root-shell access by bypassing th...

CVE-2018-15771MEDIUM5.5ten sam produkt

Dell EMC RecoverPoint versions prior to 5.1.2.1 and RecoverPoint for VMs versions prior to 5.2.0.2 contain an ...