Medium severity6.5NVD Advisory· Published May 29, 2018· Updated Jun 17, 2026
CVE-2018-1242
CVE-2018-1242
Description
Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, contains a command injection vulnerability in the Boxmgmt CLI. An authenticated malicious user with boxmgmt privileges may potentially exploit this vulnerability to read RPA files. Note that files that require root permission cannot be read.
Affected products
4<5.1.2+ 1 more
- (no CPE)range: <5.1.2
- (no CPE)range: unspecified
- Range: <5.1.1.3
- Range: unspecified
Patches
Vulnerability mechanics
References
2- seclists.org/fulldisclosure/2018/May/61nvdMailing ListThird Party Advisory
- www.securityfocus.com/bid/104246nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.