CVE-2022-45104

Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 9.2.3.x contain a command execution vulnerability. A low privileged remote attacker could potentially exploit this vulnerability, leading to execute arbitrary commands on the underlying system.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:dell:evasa_provider_virtual_appliance:*:*:*:*:*:*:*:*
cpe:2.3:a:dell:solutions_enabler_virtual_appliance:*:*:*:*:*:*:*:*
cpe:2.3:a:dell:solutions_enabler_virtual_appliance:*:*:*:*:eem:*:*:*
cpe:2.3:a:dell:unisphere_for_powermax_virtual_appliance:*:*:*:*:*:*:*:*

History

21 Nov 2024, 07:28

Type Values Removed Values Added
References () https://www.dell.com/support/kbdoc/en-us/000207177/dsa-2022-340-dell-unisphere-for-powermax-dell-unisphere-for-powermax-vapp-dell-solutions-enabler-vapp-dell-unisphere-360-dell-vasa-provider-vapp-and-dell-powermax-emb-mgmt-security-update-for-multiple-vulnerabilities - Patch, Vendor Advisory () https://www.dell.com/support/kbdoc/en-us/000207177/dsa-2022-340-dell-unisphere-for-powermax-dell-unisphere-for-powermax-vapp-dell-solutions-enabler-vapp-dell-unisphere-360-dell-vasa-provider-vapp-and-dell-powermax-emb-mgmt-security-update-for-multiple-vulnerabilities - Patch, Vendor Advisory

07 Nov 2023, 03:54

Type Values Removed Values Added
Summary Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 9.2.3.x contain a command execution vulnerability. A low privileged remote attacker could potentially exploit this vulnerability, leading to execute arbitrary commands on the underlying system. Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 9.2.3.x contain a command execution vulnerability. A low privileged remote attacker could potentially exploit this vulnerability, leading to execute arbitrary commands on the underlying system.

Information

Published : 2023-02-11 01:23

Updated : 2024-11-21 07:28


NVD link : CVE-2022-45104

Mitre link : CVE-2022-45104

CVE.ORG link : CVE-2022-45104


JSON object : View

Products Affected

dell

  • evasa_provider_virtual_appliance
  • unisphere_for_powermax_virtual_appliance
  • solutions_enabler_virtual_appliance
CWE
CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')