PT-2023-21586 · Dsm · Dsm
Published
2023-08-10
·
Updated
2023-10-18
·
CVE-2023-28129
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Desktop & Server Management (DSM) versions prior to 2022.2 SU2
Description
The issue allows a local low privileged account to execute arbitrary OS commands as the DSM software installation user. This could potentially lead to the execution of arbitrary commands.
Recommendations
For versions prior to 2022.2 SU2, update to version 2022.2 SU2 or later to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Dsm