CVE-2018-11063

Name of the Vulnerable Software and Affected Versions Dell WMS versions 1.1 and prior

Description The issue is related to multiple unquoted service path vulnerabilities. The affected software installs multiple services incorrectly by specifying the paths to the service executables without quotes. This could potentially allow a low-privileged local user to execute arbitrary executables with elevated privileges.

Recommendations For Dell WMS versions 1.1 and prior, update to a version that properly quotes service paths to prevent exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.