4.7 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
0.0004 Low
EPSS
Percentile
5.2%
Dell VxRail versions earlier than 7.0.450, contain(s) an OS command injection vulnerability in VxRail Manager. A local authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application’s underlying OS, with the privileges of the vulnerable application. Exploitation may lead to a system take over by an attacker.
[
{
"defaultStatus": "unaffected",
"product": "Dell VxRail HCI",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "7.0.x versions before 7.0.450"
}
]
}
]