CVE-2018-1239
HIGHDell EMC Unity Operating Environment < 4.3.0.1522077968 - Authenticated OS Command Injection
Title source: llmDescription
Dell EMC Unity Operating Environment (OE) versions prior to 4.3.0.1522077968 are affected by multiple OS command injection vulnerabilities. A remote application admin user could potentially exploit the vulnerabilities to execute arbitrary OS commands as system root on the system where Dell EMC Unity is installed.
References (2)
Core 2
Core References
Mailing List, Third Party Advisory mailing-list
x_refsource_fulldisc
http://seclists.org/fulldisclosure/2018/May/15
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/104092
Scores
CVSS v3
7.2
EPSS
0.0250
EPSS Percentile
85.5%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-78
Status
published
Products (2)
dell/emc_unity_operating_environment
< 4.3.0.1522077968
dell/emc_unityvsa_operating_environment
< 4.3.0.1522077968
Published
May 08, 2018
Tracked Since
Feb 18, 2026