PT-2018-13196 · Dell Emc · Dell Emc Recoverpoint For Vms+1

Bao7Uo

Published

2018-11-13

Updated

2019-02-04

CVE-2018-15772

CVSS v3.1

7.1

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions Dell EMC RecoverPoint versions prior to 5.1.2.1 Dell EMC RecoverPoint for VMs versions prior to 5.2.0.2

Description The issue allows a malicious boxmgmt user to potentially consume a large amount of CPU bandwidth, making the system slow. It may also enable the determination of the existence of any system file via Boxmgmt CLI.

Recommendations For Dell EMC RecoverPoint versions prior to 5.1.2.1, update to version 5.1.2.1 or later. For Dell EMC RecoverPoint for VMs versions prior to 5.2.0.2, update to version 5.2.0.2 or later.

Fix

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-400

Related Identifiers

CVE-2018-15772

Affected Products

Dell Emc Recoverpoint

Dell Emc Recoverpoint For Vms

PT-2018-13196 · Dell Emc · Dell Emc Recoverpoint For Vms+1

CVE-2018-15772

Weakness Enumeration

Related Identifiers

Affected Products

References · 5