Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Dell EMC Unity, Dell EMC UnityVSA and Dell EMC Unity XT versions prior to 5.1.2.0.5.007 contain an operating system (OS) command injection Vulnerability. A locally authenticated user with high privileges may potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the Unity underlying OS, with the privileges of the vulnerable application. Exploitation may lead to an elevation of privilege.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
Vulnerability Type
在命令中使用的特殊元素转义处理不恰当(命令注入)
Vulnerability Title
DELL Dell EMC Unity 操作系统操作系统命令注入漏洞
Vulnerability Description
DELL Dell EMC Unity是美国戴尔(DELL)公司的一款统一存储阵列产品。 Dell EMC Unity 存在操作系统命令注入漏洞,该漏洞源于输入验证不足。攻击者可利用该漏洞运行精心编制的命令并升级系统上的权限。
CVSS Information
N/A
Vulnerability Type
N/A