CVE-2023-48664

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Dec 14, 2023

Updated: Dec 19, 2023

CWE ID 78

Summary

CVE-2023-48664 is a command injection vulnerability affecting Dell vApp Manager versions prior to 9.2.4.x. This issue allows a remote user with high privileges to inject and execute arbitrary OS commands on the affected system, posing a significant security risk. Successful exploitation could result in unauthorized access, data theft, or system damage. It is strongly recommended that users update to the latest version of Dell vApp Manager to mitigate this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Dell Technologies, Inc.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tci4ZD
https://www.cve.org/CVERecord?id=CVE-2023-48664
https://nvd.nist.gov/vuln/detail/CVE-2023-48664

Back to Vulnerability Database

CVE-2023-48664

CVSS 3.1 Score 7.2 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations