7.8
CVE-2025-21105
- EPSS 0.05%
- Veröffentlicht 20.02.2025 12:15:11
- Zuletzt bearbeitet 31.07.2025 17:31:21
- Quelle security_alert@emc.com
- CVE-Watchlists
- Unerledigt
Dell RecoverPoint for Virtual Machines 6.0.X contains a command execution vulnerability. A Low privileged malicious user with local access could potentially exploit this vulnerability by running the specific binary and perform any administrative action permitted by it resulting in shutting down the server, modifying the configuration leading to gain access to unauthorized data.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Dell ≫ Recoverpoint For Virtual Machines Version6.0 Updatesp1
Dell ≫ Recoverpoint For Virtual Machines Version6.0 Updatesp1_p1
Dell ≫ Recoverpoint For Virtual Machines Version6.0 Updatesp1_p2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.05% | 0.145 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| security_alert@emc.com | 6.6 | 1.8 | 4.7 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
|
CWE-284 Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.