33A6099

**Name of the Vulnerable Software and Affected Versions** Dell vApp Manager versions prior to 9.2.4.9 **Description** The issue is related to a Command Injection Vulnerability. An authorized attacker could potentially exploit this vulnerability, leading to the execution of an inserted command. This is due to the failure to neutralize special elements used in the operating system command. Exploitation of the vulnerability may allow a remote attacker to execute arbitrary commands. **Recommendations** For versions prior to 9.2.4.9, upgrade to version 9.2.4.9 or later at the earliest opportunity to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable component to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Dell vApp Manager versions prior to 9.2.4.x **Description** The issue allows a remote malicious user with high privileges to potentially exploit it and read arbitrary files from the target system. **Recommendations** For versions prior to 9.2.4.x, update to version 9.2.4.x or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Dell vApp Manager versions prior to 9.2.4.x **Description** A command injection vulnerability exists, allowing a remote malicious user with high privileges to potentially exploit this issue, leading to the execution of arbitrary OS commands on the affected system. **Recommendations** For versions prior to 9.2.4.x, update to version 9.2.4.x or later to resolve the issue. As a temporary workaround, consider restricting access to the system to minimize the risk of exploitation by a remote malicious user with high privileges.

**Name of the Vulnerable Software and Affected Versions** Dell vApp Manager versions prior to 9.2.4.x **Description** A command injection vulnerability exists, allowing a remote malicious user with high privileges to potentially exploit this issue, leading to the execution of arbitrary OS commands on the affected system. **Recommendations** For versions prior to 9.2.4.x, update to version 9.2.4.x or later to resolve the issue. As a temporary workaround, consider restricting access to the system to minimize the risk of exploitation by a remote malicious user with high privileges.

**Name of the Vulnerable Software and Affected Versions** Dell vApp Manger versions prior to 9.2.4.x **Description** The issue allows a remote attacker to potentially exploit an arbitrary file read vulnerability, enabling them to read arbitrary files from the target system. **Recommendations** For versions prior to 9.2.4.x, update to version 9.2.4.x or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive files and directories to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Dell vApp Manager versions prior to 9.2.4.x **Description** A command injection vulnerability exists, allowing a remote malicious user with high privileges to potentially exploit this issue, leading to the execution of arbitrary OS commands on the affected system. **Recommendations** For versions prior to 9.2.4.x, update to version 9.2.4.x or later to resolve the issue. As a temporary workaround, consider restricting access to the system to minimize the risk of exploitation by a remote malicious user with high privileges.

**Name of the Vulnerable Software and Affected Versions** Dell vApp Manager versions prior to 9.2.4.x **Description** A remote attacker could potentially exploit this issue to obtain sensitive information, which may aid in further attacks. This is an information disclosure vulnerability. **Recommendations** For versions prior to 9.2.4.x, update to version 9.2.4.x or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Dell vApp Manager versions prior to 9.2.4.x **Description** A command injection vulnerability exists, allowing a remote malicious user with high privileges to potentially exploit this issue and execute arbitrary OS commands on the affected system. **Recommendations** For versions prior to 9.2.4.x, update to version 9.2.4.x or later to resolve the issue. As a temporary workaround, consider restricting access to the system to minimize the risk of exploitation by a remote malicious user with high privileges.