Dell EMC Integrated Data Protection Appliance versions 2.0, 2.1, 2.2, 2.3, 2.4 contain a command injection vulnerability in the ACM component. A remote authenticated malicious user with root privileges could inject parameters in the ACM component APIs that could lead to manipulation of passwords and execution of malicious commands on ACM component.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: dell
Published: 2020-03-31T00:00:00
Updated: 2020-04-15T18:00:18
Reserved: 2020-01-03T00:00:00
Link: CVE-2020-5350
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-04-15T18:15:15.693
Modified: 2020-04-23T19:53:20.433
Link: CVE-2020-5350
JSON object: View
Redhat Information
No data.
CWE