Vulnerability Details CVE-2018-1235
Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, contain a command injection vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to execute arbitrary commands on the affected system with root privilege.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.564
EPSS Ranking 98.0%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
Products affected by CVE-2018-1235
-
cpe:2.3:a:emc:recoverpoint:4.4.1.0
-
cpe:2.3:a:emc:recoverpoint:4.4.1.1
-
cpe:2.3:a:emc:recoverpoint:5.0
-
cpe:2.3:a:emc:recoverpoint:5.0.1.3
-
cpe:2.3:a:emc:recoverpoint:5.1.0.0
-
cpe:2.3:a:emc:recoverpoint_for_virtual_machines:4.0
-
cpe:2.3:a:emc:recoverpoint_for_virtual_machines:4.4.1.1
-
cpe:2.3:a:emc:recoverpoint_for_virtual_machines:5.1.1