CVE-2016-8216

MEDIUM

EMC DD OS <5.5.5.0, <5.6.2.0, <5.7.2.10 - Command Injection

Title source: llm

Description

EMC Data Domain OS (DD OS) 5.4 all versions, EMC Data Domain OS (DD OS) 5.5 family all versions prior to 5.5.5.0, EMC Data Domain OS (DD OS) 5.6 family all versions prior to 5.6.2.0, EMC Data Domain OS (DD OS) 5.7 family all versions prior to 5.7.2.10 has a command injection vulnerability that could potentially be exploited by malicious users to compromise the affected system.

References (3)

[Mailing List, Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/540059/30/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/95829

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1037728

Scores

CVSS v3 6.7

EPSS 0.0019

EPSS Percentile 40.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-264

Status published

Affected Products (5)

dell/emc_data_domain_os

n/a/EMC Data Domain DD OS EMC Data Domain OS (DD OS) 5.4 all versions, EMC Data Domain OS (DD OS) 5.5 family all versions prior to 5.5.5.0, EMC Data Domain OS (DD OS) 5.6 family all versions prior to 5.6. < EMC Data Domain DD OS EMC Data Domain OS (DD OS) 5.4 all versions, EMC Data Domain OS (DD OS) 5.5 fa

Timeline

Published Feb 03, 2017

Tracked Since Feb 18, 2026