EMC RecoverPoint versions before 4.4.1.1 and EMC RecoverPoint for Virtual Machines versions before 5.0 are affected by multiple command injection vulnerabilities where a malicious administrator with configuration privileges may bypass the user interface and escalate his privileges to root.
CPE | Name | Operator | Version |
---|---|---|---|
recoverpoint | le | 4.4.1.0 | |
recoverpoint_for_virtual_machines | le | 4.0 |