DellCVELIST:CVE-2018-11064CVE-2018-11064
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
12.6%
Dell EMC Unity OE versions 4.3.0.x and 4.3.1.x and UnityVSA OE versions 4.3.0.x and 4.3.1.x contains an Incorrect File Permissions vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability to alter multiple library files in service tools that might result in arbitrary code execution with elevated privileges. No user file systems are directly affected by this vulnerability.
CNA Affected
[
{
"product": "Dell EMC Unity",
"vendor": "Dell EMC",
"versions": [
{
"lessThanOrEqual": "4.3.1.x",
"status": "affected",
"version": "4.3.0.x",
"versionType": "custom"
}
]
},
{
"product": "Dell EMC UnityVSA",
"vendor": "Dell EMC",
"versions": [
{
"lessThanOrEqual": "4.3.1.x",
"status": "affected",
"version": "4.3.0.x",
"versionType": "custom"
}
]
}
]Related
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
12.6%