Dell PowerProtect Cyber Recovery, versions prior to 19.11, contain a privilege escalation vulnerability on virtual appliance deployments. A lower-privileged authenticated user can chain docker commands to escalate privileges to root leading to complete system takeover.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HDell Powerprotect Cyber Recovery
APPDell< 19.11
Related vulnerabilities
Dell PowerProtect Cyber Recovery versions before 19.11.0.2 contain an authentication bypass vulnerability. A r...
Dell Power Protect Cyber Recovery, contains an Authentication Bypass vulnerability. An attacker could potenti...
Dell PowerProtect Cyber Recovery, versions prior to 19.18.0.2, contains an Insertion of Sensitive Information ...
Dell RecoverPoint for VMs — zahardkodowane dane uwierzytelniające (RCE, root)
RCE w Dell Wyse Management Suite — akceptacja niezaufanych danych