CVE-2019-3727

Summary

Dell EMC RecoverPoint versions prior to 5.1.3 and RecoverPoint for VMs versions prior to 5.2.0.2 contain an OS command injection vulnerability in the installation feature of Boxmgmt CLI. A malicious boxmgmt user may potentially be able to execute arbitrary commands as root.

Affected Software

VendorProductVersion RangeStatus
Dell EMCRecoverPointunspecified <= 5.2.0.2affected

Weaknesses

  • OS command injection vulnerability

ADP Enrichment

CVE Program Container

Additional References

References