Dell EMC RecoverPoint versions prior to 5.1.3 and RecoverPoint for VMs versions prior to 5.2.0.2 contain an OS command injection vulnerability in the installation feature of Boxmgmt CLI. A malicious boxmgmt user may potentially be able to execute arbitrary commands as root.
References
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2019-05-15 16:29
Updated : 2024-02-28 17:08
NVD link : CVE-2019-3727
Mitre link : CVE-2019-3727
CVE.ORG link : CVE-2019-3727
JSON object : View
Products Affected
dell
- emc_recoverpoint
- recoverpoint_for_virtual_machines
CWE
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')