CVE-2018-11063
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Dell WMS versions 1.1 and prior are impacted by multiple unquoted service path vulnerabilities. Affected software installs multiple services incorrectly by specifying the paths to the service executables without quotes. This could potentially allow a low-privileged local user to execute arbitrary executables with elevated privileges.
Dell WMS, en versiones 1.1 y anteriores, se ha visto afectado por múltiples vulnerabilidad de ruta de servicio sin entrecomillar. El software afectado instala múltiples servicios incorrectamente especificando las rutas a los ejecutables del servicio sin entrecomillar. Esto podría permitir que un usuario local sin privilegios ejecute archivos ejecutables arbitrarios con privilegios elevados.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2018-05-14 CVE Reserved
- 2018-08-10 CVE Published
- 2023-03-08 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-428: Unquoted Search Path or Element
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Dell Search vendor "Dell" | Wyse Management Suite Search vendor "Dell" for product "Wyse Management Suite" | <= 1.1 Search vendor "Dell" for product "Wyse Management Suite" and version " <= 1.1" | pro |
Affected
| ||||||
Dell Search vendor "Dell" | Wyse Management Suite Search vendor "Dell" for product "Wyse Management Suite" | <= 1.1 Search vendor "Dell" for product "Wyse Management Suite" and version " <= 1.1" | standard |
Affected
|