CVE-2018-15772

Dell EMC RecoverPoint Uncontrolled Resource Consumption Vulnerability

EPSS 0.4%

Vexday Risk Score

3Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS —EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

13 Nov 2018Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Dell EMC RecoverPoint versions prior to 5.1.2.1 and RecoverPoint for VMs versions prior to 5.2.0.2 contain an uncontrolled resource consumption vulnerability. A malicious boxmgmt user may potentially be able to consume large amount of CPU bandwidth to make the system slow or to determine the existence of any system file via Boxmgmt CLI.

Affected products

Dell EMC · Dell EMC RecoverPoint Dell EMC · Dell EMC RecoverPoint Virtual Machine (VM)

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://seclists.org/fulldisclosure/2018/Nov/34 http://www.securityfocus.com/bid/105916 http://www.securitytracker.com/id/1042059