CVE-2018-11064

Summary

Dell EMC Unity OE versions 4.3.0.x and 4.3.1.x and UnityVSA OE versions 4.3.0.x and 4.3.1.x contains an Incorrect File Permissions vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability to alter multiple library files in service tools that might result in arbitrary code execution with elevated privileges. No user file systems are directly affected by this vulnerability.

Affected Software

VendorProductVersion RangeStatus
Dell EMCDell EMC Unity4.3.0.x <= 4.3.1.xaffected
Dell EMCDell EMC UnityVSA4.3.0.x <= 4.3.1.xaffected

Weaknesses

  • Incorrect File Permissions

ADP Enrichment

CVE Program Container

Additional References

References