Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Dell VxRail versions earlier than 7.0.450, contain(s) an OS command injection vulnerability in VxRail Manager. A local authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. Exploitation may lead to a system take over by an attacker.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
Dell VxRail 操作系统命令注入漏洞
Vulnerability Description
Dell VxRail是美国戴尔(Dell)公司的适用于每个 VMware 工作负载和用例(包括 VDI、计算密集型应用程序)以及在真正的混合云基础架构上托管传统和现代应用程序的单一 HCI 平台。 Dell VxRail 7.0.450之前版本存在操作系统命令注入漏洞。攻击者利用该漏洞在底层操作系统上执行任意操作系统命令,从而获得应用程序的特权。
CVSS Information
N/A
Vulnerability Type
N/A