Command Injection Vulnerability in EMC RecoverPoint for Virtual Machines
CVE-2018-1184
6.7MEDIUM
What is CVE-2018-1184?
An issue was identified in EMC RecoverPoint for Virtual Machines where a command injection vulnerability in the Boxmgmt CLI could be exploited. This flaw enables an attacker with boxmgmt privileges to circumvent the Boxmgmt CLI and execute arbitrary commands with root access. Users of affected versions should update to the latest release to mitigate potential security risks.
Affected Version(s)
EMC RecoverPoint for Virtual Machines prior to 5.1.1, EMC RecoverPoint version 5.1.0.0, EMC RecoverPoint prior to 5.0.1.3 EMC RecoverPoint for Virtual Machines versions prior to 5.1.1, EMC RecoverPoint version 5.1.0.0, EMC RecoverPoint versions prior to 5.0.1.3