CVE-2018-1235

Description

Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, contain a command injection vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to execute arbitrary commands on the affected system with root privilege.

Risk Information

Base Score

9.8

MODERATE

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

Exploitation Probability

51.75

Associated Vulnerability

Vulnerability	OS Platform
Mozilla Firefox (61.0)	Windows
Updates for Mozilla Firefox ESR (52.9.0)	Windows
Mozilla Firefox (x64) (61.0)	Windows
Updates for Mozilla Firefox ESR (x64) (52.9.0)	Windows
Mozilla Firefox ESR (60.1.0)	Windows
Mozilla Firefox ESR (x64) (60.1.0)	Windows
Mozilla Thunderbird (52.9.0)	Windows
Mozilla Firefox (61.0.1)	Windows
Mozilla Firefox (x64) (61.0.1)	Windows
Mozilla Thunderbird (52.9.1)	Windows
Mozilla Firefox (61.0.2)	Windows
Mozilla Firefox (x64) (61.0.2)	Windows
Mozilla Thunderbird (60.2.1)	Windows
Upgrade faststone_image_viewer 6.2 to latest version	Windows
Mozilla Thunderbird (60.0)	Windows
Mozilla Thunderbird (60.3.0)	Windows
Mozilla Thunderbird (60.3.1)	Windows
Mozilla Thunderbird (60.3.2)	Windows
Mozilla Thunderbird (60.3.3)	Windows
Mozilla Thunderbird (60.4.0)	Windows
Mozilla Thunderbird (60.5.0)	Windows
Mozilla Thunderbird (60.5.1)	Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE

Patch ID	Patch Description
PATCH-307718	Mozilla Firefox (61.0)
PATCH-307722	Updates for Mozilla Firefox ESR (52.9.0)
PATCH-307725	Mozilla Firefox (x64) (61.0)
PATCH-307728	Updates for Mozilla Firefox ESR (x64) (52.9.0)
PATCH-307747	Mozilla Firefox ESR (60.1.0)
PATCH-307748	Mozilla Firefox ESR (x64) (60.1.0)
PATCH-307749	Mozilla Thunderbird (52.9.0)
PATCH-307753	Mozilla Firefox (61.0.1)
PATCH-307758	Mozilla Firefox (x64) (61.0.1)
PATCH-307789	Mozilla Thunderbird (52.9.1)
PATCH-307919	Mozilla Firefox (61.0.2)
PATCH-307924	Mozilla Firefox (x64) (61.0.2)
PATCH-308155	Mozilla Thunderbird (60.2.1)
PATCH-342371	FastStone Image Viewer (7.9)
PATCH-307900	Mozilla Thunderbird (60.0)
PATCH-308341	Mozilla Thunderbird (60.3.0)
PATCH-308412	Mozilla Thunderbird (60.3.1)
PATCH-308522	Mozilla Thunderbird (60.3.2)
PATCH-308580	Mozilla Thunderbird (60.3.3)
PATCH-308671	Mozilla Thunderbird (60.4.0)
PATCH-308875	Mozilla Thunderbird (60.5.0)
PATCH-308999	Mozilla Thunderbird (60.5.1)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234