CVE-2018-1239
Description
Dell EMC Unity Operating Environment (OE) versions prior to 4.3.0.1522077968 are affected by multiple OS command injection vulnerabilities. A remote application admin user could potentially exploit the vulnerabilities to execute arbitrary OS commands as system root on the system where Dell EMC Unity is installed.
Risk Information
Base Score
7.2
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
2.505
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Mozilla Firefox (63.0) | Windows |
| Mozilla Firefox (x64) (63.0) | Windows |
| Upgrade Foxit Reader Enterprise 9.0.1 to latest version | Windows |
| Upgrade foxit_reader 9.0.1 to latest version | Windows |
| Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability (CVE-2018-1239) | NCM |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-308288 | Mozilla Firefox (63.0) |
| PATCH-308291 | Mozilla Firefox (x64) (63.0) |
| PATCH-341798 | Foxit PDF Reader (MSI) (2024.3.0.26795) (Formerly Foxit Reader Enterprise) |
| PATCH-341796 | Foxit Reader (2024.3.0.26795) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234