CVE-2018-1215Unrestricted File Upload in Dell EMC Solutions Enabler Virtual Appliance

CWE-434Unrestricted File Upload4 documents4 sources
Severity
8.8HIGHNVD
EPSS
10.2%
top 6.83%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Dell EMC Solutions Enabler Virtual ApplianceDell EMC Unisphere FOR Vmax Virtual ApplianceDell EMC Vasa Virtual Appliance+1 more
Timeline
PublishedMar 8
Latest updateMay 14

Description

An arbitrary file upload vulnerability was discovered in vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, and Dell EMC VMAX Embedded Management (eManagement): Dell EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.18, Dell EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.21, Dell EMC VASA Virtual Appliance versions prior to 8.4.0.514, and Dell EMC VMAX Embedded Management (eManagement) versi

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages4 packages

NVDdell/emc_unisphere< 8.4.0.18

🔴Vulnerability Details

2
GHSA
GHSA-69qj-g89f-2x2j: An arbitrary file upload vulnerability was discovered in vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, De2022-05-14
CVEList
CVE-2018-1215: An arbitrary file upload vulnerability was discovered in vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, De2018-03-08
CVE-2018-1215 — Unrestricted File Upload in Dell | cvebase