cbcvebase.
CVE-2024-25955
published 2024-03-28

CVE-2024-25955: Dell vApp Manager, versions prior to 9.2.4.9 contain a Command Injection Vulnerability. An authorized attacker could potentially exploit this vulnerability…

PriorityP260high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
1.44%
69.8th percentile
Dell vApp Manager, versions prior to 9.2.4.9 contain a Command Injection Vulnerability. An authorized attacker could potentially exploit this vulnerability leading to an execution of an inserted command. Dell recommends customers to upgrade at the earliest opportunity.

Affected

6 ranges
VendorProductVersion rangeFixed in
dellpowermax_eem
dellsolutions_enabler_virtual_appliance< 9.2.4.69.2.4.6
dellunisphere_for_powermax_virtual_appliance< 9.2.4.99.2.4.9
dellvirtual_appliance_manager>= N/A < 9.2.4.99.2.4.9
dellvirtual_appliance_manager>= N/A < 9.2.4.69.2.4.6
dellvirtual_appliance_manager>= N/A < 59785978
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.

CVE-2024-25955 — OS Command Injection in Dell | cvebase