Multiple Dell EMC Products CVE-2018-1239 Multiple Remote Command Injection Vulnerabilities
by CIRT Team
Description: Multiple Dell EMC Products are prone to multiple remote command-injection vulnerabilities. Dell EMC Unity Operating Environment (OE) versions prior to 4.3.0.1522077968 are affected by multiple OS command injection vulnerabilities.
Impact: A remote application admin user could potentially exploit the vulnerabilities to execute arbitrary OS commands as system root on the system where Dell EMC Unity is installed.
Mitigation: Updates are available. Please see the references or vendor advisory for more information.
Reference URL’s:
- http://seclists.org/fulldisclosure/2018/May/15
- https://support.emc.com/downloads/39949_Dell-EMC-Unity-Family
- https://www.securityfocus.com/bid/104092/info