- Description
- Dell RecoverPoint for Virtual Machines 6.0.X contains a command execution vulnerability. A Low privileged malicious user with local access could potentially exploit this vulnerability by running the specific binary and perform any administrative action permitted by it resulting in shutting down the server, modifying the configuration leading to gain access to unauthorized data.
- Source
- security_alert@emc.com
- NVD status
- Analyzed
- Products
- recoverpoint_for_virtual_machines
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- security_alert@emc.com
- CWE-284
- nvd@nist.gov
- NVD-CWE-noinfo
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:dell:recoverpoint_for_virtual_machines:6.0:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DD0ABCD5-9273-4799-A916-3518ED5EBB46"
},
{
"criteria": "cpe:2.3:a:dell:recoverpoint_for_virtual_machines:6.0:sp1_p1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "800D6F27-0B30-4E0A-94F6-B52367D50761"
},
{
"criteria": "cpe:2.3:a:dell:recoverpoint_for_virtual_machines:6.0:sp1_p2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "97E4273C-646D-402A-B560-13B1F3024488"
}
],
"operator": "OR"
}
]
}
]