CVE-2024-25955

Name of the Vulnerable Software and Affected Versions Dell vApp Manager versions prior to 9.2.4.9

Description The issue is related to a Command Injection Vulnerability. An authorized attacker could potentially exploit this vulnerability, leading to the execution of an inserted command. This is due to the failure to neutralize special elements used in the operating system command. Exploitation of the vulnerability may allow a remote attacker to execute arbitrary commands.

Recommendations For versions prior to 9.2.4.9, upgrade to version 9.2.4.9 or later at the earliest opportunity to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable component to minimize the risk of exploitation.