Lucene search
SAINT CorporationSAINT:8553B0625DE0839658BB1E05F46F238DHistoryJul 05, 2018 - 12:00 a.m.
EMC RecoverPoint command injection in SSH username
2018-07-0500:00:00
SAINT Corporation
download.saintcorporation.com
528
0.045 Low
EPSS
Percentile
92.5%
Added: 07/05/2018
CVE: CVE-2018-1235
BID: 104246
Background
Dell EMC RecoverPoint is an application recovery solution.
Problem
A command injection vulnerability allows a remote attacker to execute arbitrary commands embedded in the username of an SSH authentication request.
Resolution
Upgrade to Dell EMC RecoverPoint for Virtual Machines 5.1.1.3 or higher, or to Dell EMC RecoverPoint 5.1.2 or later.
References
<http://seclists.org/fulldisclosure/2018/May/61>
<https://www.foregenix.com/blog/foregenix-identify-multiple-dellemc-recoverpoint-zero-day-vulnerabilities>
Platforms
Linux
Related
exploitpack
exploitpack
Dell EMC RecoverPoint 5.1.2 - Local Root Command Execution
2018-06-21 00:00:00
Dell EMC RecoverPoint 5.1.2 - Remote Root Command Execution
2018-06-21 00:00:00
zdt
zdt
Dell EMC RecoverPoint < 5.1.2 - Local Root Command Execution Vulnerability
2018-06-22 00:00:00
packetstorm
packetstorm
Dell EMC RecoverPoint Local Root Command Execution
2018-06-21 00:00:00
Dell EMC RecoverPoint Remote Root
2018-06-21 00:00:00
saint
saint
EMC RecoverPoint command injection in SSH username
2018-07-05 00:00:00
EMC RecoverPoint command injection in SSH username
2018-07-05 00:00:00
cvelist
cvelist
CVE-2018-1235
2018-05-22 00:00:00
cve
cve
CVE-2018-1235
2018-05-29 17:29:00
nvd
nvd
CVE-2018-1235
2018-05-29 17:29:00
prion
prion
Command injection
2018-05-29 17:29:00
exploitdb
exploitdb
Dell EMC RecoverPoint < 5.1.2 - Remote Root Command Execution
2018-06-21 00:00:00
Dell EMC RecoverPoint < 5.1.2 - Local Root Command Execution
2018-06-21 00:00:00
threatpost
threatpost