CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0CVE-2023-48663
https://notcve.org/view.php?id=CVE-2023-48663
Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability. A remote malicious user with high privileges could potentially exploit this vulnerability leading to the execution of arbitrary OS commands on the affected system. Dell vApp Manager, las versiones anteriores a 9.2.4.x contienen una vulnerabilidad de inyección de comandos. Un usuario malicioso remoto con altos privilegios podría explotar esta vulnerabilidad y llevar a la ejecución de comandos arbitrarios del sistema operativo en el sistema afectado. • https://www.dell.com/support/kbdoc/en-us/000220427/dsa-2023-443-dell-powermaxos-5978-dell-unisphere-360-dell-unisphere-for-powermax-dell-unisphere-for-powermax-virtual-appliance-dell-solutions-enabler-virtual-appliance-and-dell-powermax-eem-security-update-for-multiple-vulnerabilities • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0CVE-2023-48662
https://notcve.org/view.php?id=CVE-2023-48662
Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability. A remote malicious user with high privileges could potentially exploit this vulnerability leading to the execution of arbitrary OS commands on the affected system. Dell vApp Manager, las versiones anteriores a 9.2.4.x contienen una vulnerabilidad de inyección de comandos. Un usuario malicioso remoto con altos privilegios podría explotar esta vulnerabilidad y llevar a la ejecución de comandos arbitrarios del sistema operativo en el sistema afectado. • https://www.dell.com/support/kbdoc/en-us/000220427/dsa-2023-443-dell-powermaxos-5978-dell-unisphere-360-dell-unisphere-for-powermax-dell-unisphere-for-powermax-virtual-appliance-dell-solutions-enabler-virtual-appliance-and-dell-powermax-eem-security-update-for-multiple-vulnerabilities • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 4.9EPSS: 0%CPEs: 3EXPL: 0CVE-2023-48661
https://notcve.org/view.php?id=CVE-2023-48661
Dell vApp Manager, versions prior to 9.2.4.x contain an arbitrary file read vulnerability. A remote malicious user with high privileges could potentially exploit this vulnerability to read arbitrary files from the target system. Dell vApp Manager, las versiones anteriores a 9.2.4.x contienen una vulnerabilidad de lectura de archivos arbitraria. Un usuario malicioso remoto con altos privilegios podría explotar esta vulnerabilidad para leer archivos arbitrarios del sistema de destino. • https://www.dell.com/support/kbdoc/en-us/000220427/dsa-2023-443-dell-powermaxos-5978-dell-unisphere-360-dell-unisphere-for-powermax-dell-unisphere-for-powermax-virtual-appliance-dell-solutions-enabler-virtual-appliance-and-dell-powermax-eem-security-update-for-multiple-vulnerabilities • CWE-552: Files or Directories Accessible to External Parties •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-48660
https://notcve.org/view.php?id=CVE-2023-48660
Dell vApp Manger, versions prior to 9.2.4.x contain an arbitrary file read vulnerability. A remote attacker could potentially exploit this vulnerability to read arbitrary files from the target system. Dell vApp Manager, las versiones anteriores a 9.2.4.x contienen una vulnerabilidad de lectura de archivos arbitraria. Un atacante remoto podría explotar esta vulnerabilidad para leer archivos arbitrarios del sistema de destino. • https://www.dell.com/support/kbdoc/en-us/000220427/dsa-2023-443-dell-powermaxos-5978-dell-unisphere-360-dell-unisphere-for-powermax-dell-unisphere-for-powermax-virtual-appliance-dell-solutions-enabler-virtual-appliance-and-dell-powermax-eem-security-update-for-multiple-vulnerabilities • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 8.2EPSS: 0%CPEs: 4EXPL: 0CVE-2023-48668
https://notcve.org/view.php?id=CVE-2023-48668
Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 on DDMC contain an OS command injection vulnerability in an admin operation. A local high privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the managed system application's underlying OS with the privileges of the vulnerable application. Exploitation may lead to a system take over by an attacker on a managed system of DDMC. Dell PowerProtect DD, versiones anteriores a 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 en DDMC contienen una vulnerabilidad de inyección de comandos del sistema operativo en una operación de administración. Un atacante local con privilegios elevados podría explotar esta vulnerabilidad, lo que llevaría a la ejecución de comandos arbitrarios del sistema operativo en el sistema operativo subyacente de la aplicación del sistema administrado con los privilegios de la aplicación vulnerable. • https://www.dell.com/support/kbdoc/en-us/000220264/dsa-2023-412-dell-technologies-powerprotect-security-update-for-multiple-security-vulnerabilities • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •