PT-2018-13195 · Dell Emc · Dell Emc Recoverpoint For Vms+1

Bao7Uo

Published

2018-11-13

Updated

2019-02-01

CVE-2018-15771

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Dell EMC RecoverPoint versions prior to 5.1.2.1 Dell EMC RecoverPoint for VMs versions prior to 5.2.0.2

Description The issue allows a malicious boxmgmt user to potentially determine the existence of any system file via Boxmgmt CLI. This is an information disclosure issue.

Recommendations For Dell EMC RecoverPoint versions prior to 5.1.2.1, update to version 5.1.2.1 or later. For Dell EMC RecoverPoint for VMs versions prior to 5.2.0.2, update to version 5.2.0.2 or later.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2018-15771

Affected Products

Dell Emc Recoverpoint

Dell Emc Recoverpoint For Vms

PT-2018-13195 · Dell Emc · Dell Emc Recoverpoint For Vms+1

CVE-2018-15771

Weakness Enumeration

Related Identifiers

Affected Products

References · 5