CVE-2019-18580

CRITICAL

Dell EMC Storage Monitoring and Reporting <4.3.1 - Deserialization

Title source: llm

Description

Dell EMC Storage Monitoring and Reporting version 4.3.1 contains a Java RMI Deserialization of Untrusted Data vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by sending a crafted RMI request to execute arbitrary code on the target host.

References (1)

Core 1

Core References

Vendor Advisory x_refsource_misc

https://www.dell.com/support/security/en-us/details/538977/DSA-2019-176-Dell-EMC-Storage-Monitoring-and-Reporting-SMR-Java-RMI-Deserialization-of-Untruste

Scores

CVSS v3 10.0

EPSS 0.1184

EPSS Percentile 93.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Details

CWE

CWE-502

Status published

Products (1)

dell/emc_storage_monitoring_and_reporting 4.3.1

Published Nov 26, 2019

Tracked Since Feb 18, 2026