Command injection

2022-07-2104:15:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

13.1%

JSON

Dell EMC PowerStore, contains an OS command injection Vulnerability. A locally authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the PowerStore underlying OS, with the privileges of the vulnerable application. Exploitation may lead to an elevation of privilege.

CPENameOperatorVersion
emc_powerstore_1200t_firmwareeq< 3.0.0.0-1732745
emc_powerstore_3200t_firmwareeq< 3.0.0.0-1732745
emc_powerstore_500t_firmwareeq< 3.0.0.0-1732745
emc_powerstore_5200t_firmwareeq< 3.0.0.0-1732745
emc_powerstore_9200t_firmwareeq< 3.0.0.0-1732745

Name	Operator	Version
emc_powerstore_1200t_firmware	eq	< 3.0.0.0-1732745
emc_powerstore_3200t_firmware	eq	< 3.0.0.0-1732745
emc_powerstore_500t_firmware	eq	< 3.0.0.0-1732745
emc_powerstore_5200t_firmware	eq	< 3.0.0.0-1732745
emc_powerstore_9200t_firmware	eq	< 3.0.0.0-1732745

References

www.dell.com/support/kbdoc/000201283