Dell vApp Manager, versions prior to 9.2.4.9 contain a Command Injection Vulnerability. An authorized attacker could potentially exploit this vulnerability leading to an execution of an inserted command. Dell recommends customers to upgrade at the earliest opportunity.
References
Configurations
Configuration 1 (hide)
|
History
27 Jan 2025, 18:57
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:a:dell:unisphere_for_powermax_virtual_appliance:*:*:*:*:*:*:*:* cpe:2.3:a:dell:powermax_eem:5978:*:*:*:*:*:*:* cpe:2.3:a:dell:solutions_enabler_virtual_appliance:*:*:*:*:*:*:*:* |
|
| First Time |
Dell
Dell powermax Eem Dell solutions Enabler Virtual Appliance Dell unisphere For Powermax Virtual Appliance |
|
| CWE | CWE-77 | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
| References | () https://www.dell.com/support/kbdoc/en-us/000223609/dsa-2024-108-dell-powermaxos-5978-dell-powermax-os-10-0-1-5-dell-powermax-os-10-1-0-2-dell-unisphere-360-unisphere-powermax-unisphere-powermax-vapp-dell-solutions-enabler-vapp-and-dell-powermax-eem-security-update-for-multiple-vulnerabilities - Vendor Advisory |
28 Mar 2024, 19:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-03-28 19:15
Updated : 2025-01-27 18:57
NVD link : CVE-2024-25946
Mitre link : CVE-2024-25946
JSON object : View
Products Affected
dell
- powermax_eem
- unisphere_for_powermax_virtual_appliance
- solutions_enabler_virtual_appliance
CWE
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')