Command Injection Vulnerability in EMC Data Domain OS Products
CVE-2016-8216
Summary
EMC Data Domain OS contains a command injection vulnerability that allows malicious users to execute arbitrary commands on the system. This flaw exists in various versions of the product, specifically in the Data Domain OS 5.4 and certain earlier versions of 5.5, 5.6, and 5.7. If exploited, this vulnerability could enable attackers to manipulate the affected systems, putting data integrity and security at significant risk. Users of these versions are advised to upgrade to the latest versions to mitigate this vulnerability.
Affected Version(s)
EMC Data Domain DD OS EMC Data Domain OS (DD OS) 5.4 all , EMC Data Domain OS (DD OS) 5.5 family all prior to 5.5.5.0, EMC Data Domain OS (DD OS) 5.6 family all prior to 5.6.2.0, EMC Data Domain OS (DD OS) 5.7 family all prior to 5.7.2.10 EMC Data Domain DD OS EMC Data Domain OS (DD OS) 5.4 all versions, EMC Data Domain OS (DD OS) 5.5 family all versions prior to 5.5.5.0, EMC Data Domain OS (DD OS) 5.6 family all versions prior to 5.6.2.0, EMC Data Domain OS (DD OS) 5.7 family all versions prior to 5.7.2.10
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved