CVE Vulnerability

CVE-2022-45104

Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 9.2.3.x contain a command execution vulnerability. A low privileged remote attacker could potentially exploit this vulnerability, leading to execute arbitrary commands on the underlying system.

8.8 /10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://www.dell.com/support/kbdoc/en-us/000207177/dsa-2022-340-dell-unisphere-for-powermax-dell-unisphere-for-powermax-vapp-dell-solutions-enabler-vapp-dell-unisphere-360-dell-vasa-provider-vapp-and-dell-powermax-emb-mgmt-security-update-for-multiple-vulnerabilities Patch Vendor Advisory
Configurations

Configuration 1

cpe:2.3:a:dell:solutions_enabler_virtual_appliance:*:*:*:*:eem:*:*:*
cpe:2.3:a:dell:solutions_enabler_virtual_appliance:*:*:*:*:*:*:*:*
cpe:2.3:a:dell:evasa_provider_virtual_appliance:*:*:*:*:*:*:*:*
cpe:2.3:a:dell:unisphere_for_powermax_virtual_appliance:*:*:*:*:*:*:*:*
Information

Published : 2023-02-11 01:23

Updated : 2023-02-21 03:55

NVD link : CVE-2022-45104

Mitre link : CVE-2022-45104

Products Affected
No products.
CWE
CWE-78