Dell: >> Powerprotect Cyber Recovery >> 18.1.1.3 Security Vulnerabilities
Dell PowerProtect Cyber Recovery versions before 19.11.0.2 contain an authentication bypass vulnerability. A remote unauthenticated attacker may potentially access and interact with the docker registry API leading to an authentication bypass. The attacker may potentially alter the docker images leading to a loss of integrity and confidentiality
CVSS Score
9.8
EPSS Score
0.002
Published
2022-09-01
Dell PowerProtect Cyber Recovery, versions prior to 19.11, contain a privilege escalation vulnerability on virtual appliance deployments. A lower-privileged authenticated user can chain docker commands to escalate privileges to root leading to complete system takeover.
CVSS Score
7.8
EPSS Score
0.0
Published
2022-07-07