- Description
- Dell SmartFabric Storage Software v1.4 (and earlier) contains an OS Command Injection Vulnerability in the restricted shell in SSH. An authenticated remote attacker could potentially exploit this vulnerability, leading to execute arbitrary commands.
- Source
- security_alert@emc.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- security_alert@emc.com
- CWE-78
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:dell:smartfabric_storage_software:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9BD8875C-3CAC-443C-A6B5-FE7F702B5DFD",
"versionEndExcluding": "1.4.1"
}
],
"operator": "OR"
}
]
}
]