Arbitrary file upload in Dell Emc_solutions_enabler_virtual_appliance
CVE-2018-1215
An arbitrary file upload vulnerability was discovered in vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, and Dell EMC VMAX Embedded Management (eManagement): Dell…
Vulnerability class: Unrestricted File Upload
EPSS: 0.044 (90.0th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 8.8 (High). Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.
Affected products
- Dell Emc_solutions_enabler_virtual_appliance
- Dell Emc_unisphere_for_vmax_virtual_appliance
- Dell Emc_vasa_virtual_appliance
- Dell Emc_vmax_embedded_management
- N/a Vapp Manager Which Is Embedded In Dell Emc Unisphere For Vmax, Solutions Enabler, Vasa Virtual Appliances, And Vmax Management (Emanagement) — versions vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, and Dell EMC VMAX Embedded Management (eManagement)
Weakness classification (CWE)
References
- security_alert@emc.com (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_BID)
- security_alert@emc.com (Third Party Advisory, x_refsource_MISC)
- security_alert@emc.com (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_SECTRACK)
- security_alert@emc.com (x_refsource_CONFIRM, Mailing List, Third Party Advisory)
Frequently asked questions
- What is CVE-2018-1215?
- CVE-2018-1215 is a high-severity vulnerability in Dell Emc_solutions_enabler_virtual_appliance, classified under Unrestricted Upload of File with Dangerous Type. CVSS score: 8.8/10. Published 2018-03-08.
- How severe is CVE-2018-1215?
- High severity. CVSS v3 base score is 8.8 out of 10.