CVE-2019-3704

Summary

VNX Control Station in Dell EMC VNX2 OE for File versions prior to 8.1.9.236 contains OS command injection vulnerability. Due to inadequate restriction configured in sudores, a local authenticated malicious user could potentially execute arbitrary OS commands as root by exploiting this vulnerability.

Affected Software

VendorProductVersion RangeStatus
Dell EMCVNX Control Station in Dell EMC VNX2 OE for Fileunspecified < 8.1.9.236affected

Weaknesses

  • OS Command Injection

ADP Enrichment

CVE Program Container

Additional References

References