CVE-2018-15772

Published: Nov 13, 2018Modified: Nov 21, 2024

7.1

Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Exploitability: 1.8 / Impact: 5.2

Source: NVD

Description

Dell EMC RecoverPoint versions prior to 5.1.2.1 and RecoverPoint for VMs versions prior to 5.2.0.2 contain an uncontrolled resource consumption vulnerability. A malicious boxmgmt user may potentially be able to consume large amount of CPU bandwidth to make the system slow or to determine the existence of any system file via Boxmgmt CLI.

Affected (2)

Products: Dell: Emc Recoverpoint, Emc Recoverpoint For Virtual Machines

2 products

Emc Recoverpoint

Emc Recoverpoint For Virtual Machines

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Dell Emc Recoverpoint	Before 5.1.2.1
Dell Emc Recoverpoint For Virtual Machines	Before 5.2.0.2

Related CWEs

Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

References (6)

http://www.securityfocus.com/bid/105916

Source: security_alert@emc.com

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1042059

Source: security_alert@emc.com

Third Party AdvisoryVDB Entry

https://seclists.org/fulldisclosure/2018/Nov/34

Source: security_alert@emc.com

Mailing ListThird Party Advisory

http://www.securityfocus.com/bid/105916

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1042059

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://seclists.org/fulldisclosure/2018/Nov/34

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

Timeline

No history available yet.