CVE-2018-1242 vulnerability in EMC Products
Published on May 29, 2018

Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, contains a command injection vulnerability in the Boxmgmt CLI. An authenticated malicious user with boxmgmt privileges may potentially exploit this vulnerability to read RPA files. Note that files that require root permission cannot be read.

NVD

Products Associated with CVE-2018-1242

stack.watch emails you whenever new vulnerabilities are published in EMC Recoverpoint or EMC Recoverpoint Virtual Machines. Just hit a watch button to start following.

EMC Recoverpoint

EMC Recoverpoint Virtual Machines

Affected Versions

Dell EMC RecoverPoint:

Version unspecified and below 5.1.2 is affected.

Dell EMC RecoverPoint Virtual Machine (VM):

Version unspecified and below 5.1.1.3 is affected.

Exploit Probability

EPSS

4.97%

Percentile

89.54%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2018-1242 vulnerability in EMC ProductsPublished on May 29, 2018

Products Associated with CVE-2018-1242

Affected Versions

Exploit Probability

CVE-2018-1242 vulnerability in EMC Products
Published on May 29, 2018