CVE-2019-18581
Dell EMC Data Protection Advisor (DPA) versions 6.3, 6.4, 6.5, 18.2 before patch 83, and 19.1 before patch 71 are affected by a server missing authorization in the REST API. A remote authenticated administrator could potentially modify the application’s allowed OS commands list, enabling arbitrar...