var-201804-0950
Vulnerability from variot
In Dell EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.8, Dell EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.8, Dell EMC VASA Provider Virtual Appliance versions prior to 8.4.0.512, Dell EMC SMIS versions prior to 8.4.0.6, Dell EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4.0.347, Dell EMC VNX2 Operating Environment (OE) for File versions prior to 8.1.9.231, Dell EMC VNX2 Operating Environment (OE) for Block versions prior to 05.33.009.5.231, Dell EMC VNX1 Operating Environment (OE) for File versions prior to 7.1.82.0, Dell EMC VNX1 Operating Environment (OE) for Block versions prior to 05.32.000.5.225, Dell EMC VNXe3200 Operating Environment (OE) all versions, Dell EMC VNXe1600 Operating Environment (OE) versions prior to 3.1.9.9570228, Dell EMC VNXe 3100/3150/3300 Operating Environment (OE) all versions, Dell EMC ViPR SRM versions 3.7, 3.7.1, 3.7.2 (only if using Dell EMC Host Interface for Windows), Dell EMC ViPR SRM versions 4.0, 4.0.1, 4.0.2, 4.0.3 (only if using Dell EMC Host Interface for Windows), Dell EMC XtremIO versions 4.x, Dell EMC VMAX eNAS version 8.x, Dell EMC Unity Operating Environment (OE) versions prior to 4.3.0.1522077968, ECOM is affected by a XXE injection vulnerability due to the configuration of the XML parser shipped with the product. XXE Injection attack may occur when XML input containing a reference to an external entity (defined by the attacker) is processed by an affected XML parser. XXE Injection may allow attackers to gain unauthorized access to files containing sensitive information or may be used to cause denial-of-service. plural Dell EMC The product includes XML An external entity vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. are all products of Dell in the United States. Dell EMC Unisphere for VMAX Virtual Appliance (vApp) is a management tool for VMAX storage arrays. EMC Solutions Enabler Virtual Appliance is a solution application virtual appliance
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201804-0950",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "emc vipr srm",
"scope": "eq",
"trust": 1.6,
"vendor": "dell",
"version": "4.0.2"
},
{
"model": "emc vipr srm",
"scope": "eq",
"trust": 1.6,
"vendor": "dell",
"version": "3.7.1"
},
{
"model": "emc vmax enas",
"scope": "eq",
"trust": 1.6,
"vendor": "dell",
"version": "8.0"
},
{
"model": "emc vipr srm",
"scope": "eq",
"trust": 1.6,
"vendor": "dell",
"version": "4.0"
},
{
"model": "emc vipr srm",
"scope": "eq",
"trust": 1.6,
"vendor": "dell",
"version": "4.0.1"
},
{
"model": "emc vipr srm",
"scope": "eq",
"trust": 1.6,
"vendor": "dell",
"version": "3.7"
},
{
"model": "emc vipr srm",
"scope": "eq",
"trust": 1.6,
"vendor": "dell",
"version": null
},
{
"model": "emc vipr srm",
"scope": "eq",
"trust": 1.6,
"vendor": "dell",
"version": "3.7.2"
},
{
"model": "emc vipr srm",
"scope": "eq",
"trust": 1.6,
"vendor": "dell",
"version": "4.0.3"
},
{
"model": "emc xtremio",
"scope": "eq",
"trust": 1.0,
"vendor": "dell",
"version": "4.0.2"
},
{
"model": "emc xtremio",
"scope": "eq",
"trust": 1.0,
"vendor": "dell",
"version": "4.0"
},
{
"model": "emc vnxe1600 operating environment",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "3.1.9.9570228"
},
{
"model": "emc vnx2 operating environment",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "8.1.9.231"
},
{
"model": "emc unisphere",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "8.4.0.8"
},
{
"model": "emc vnxe 3300 operating environment",
"scope": "eq",
"trust": 1.0,
"vendor": "dell",
"version": null
},
{
"model": "emc vnx2 operating environment",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "05.33.009.5.231"
},
{
"model": "emc vmax embedded management",
"scope": "lte",
"trust": 1.0,
"vendor": "dell",
"version": "1.4.0.347"
},
{
"model": "emc vnxe3200 operating environment",
"scope": "eq",
"trust": 1.0,
"vendor": "dell",
"version": null
},
{
"model": "emc vasa provider virtual appliance",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "8.4.0.512"
},
{
"model": "emc smis",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "8.4.0.6"
},
{
"model": "emc vnx1 operating environment",
"scope": "eq",
"trust": 1.0,
"vendor": "dell",
"version": "05.32.000.5.225"
},
{
"model": "emc vmax enas",
"scope": "eq",
"trust": 1.0,
"vendor": "dell",
"version": "8.0.1"
},
{
"model": "emc unity operating environment",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "4.3.0.1522077968"
},
{
"model": "emc vnxe 3150 operating environment",
"scope": "eq",
"trust": 1.0,
"vendor": "dell",
"version": null
},
{
"model": "emc vnxe 3100 operating environment",
"scope": "eq",
"trust": 1.0,
"vendor": "dell",
"version": null
},
{
"model": "emc vnx1 operating environment",
"scope": "eq",
"trust": 1.0,
"vendor": "dell",
"version": "7.1.82.0"
},
{
"model": "emc solutions enabler virtual appliance",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "8.4.0.8"
},
{
"model": "emc smis",
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": "emc solutions enabler virtual appliance",
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": "emc unisphere",
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": "emc unity operating environment",
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": "emc vasa provider virtual appliance",
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": "emc vipr srm",
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": "emc vmax embedded management",
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": "emc vmax enas",
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": "emc vnx1 operating environment",
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": "emc vnx2 operating environment",
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": "emc vnxe1600 operating environment",
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": "emc vnxe3100 operating environment",
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": "emc vnxe3150 operating environment",
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": "emc vnxe3200 operating environment",
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": "emc vnxe3300 operating environment",
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": "emc xtremio",
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": "emc vmax embedded management",
"scope": "eq",
"trust": 0.6,
"vendor": "dell",
"version": "1.4.0.347"
},
{
"model": "vipr srm",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "3.6.1"
},
{
"model": "unisphere for vmax",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "1.6"
},
{
"model": "emc unisphere for vmax",
"scope": "eq",
"trust": 0.3,
"vendor": "dell",
"version": "8.2"
},
{
"model": "emc solutions enabler",
"scope": "eq",
"trust": 0.3,
"vendor": "dell",
"version": "8.1.0.3"
},
{
"model": "vipr srm",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "3.7"
},
{
"model": "vnx2",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "05.33.009.5.231"
},
{
"model": "vnx2",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "8.1.9.155"
},
{
"model": "emc unisphere for vmax",
"scope": "eq",
"trust": 0.3,
"vendor": "dell",
"version": "8.3"
},
{
"model": "vasa provider virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "8.3.0"
},
{
"model": "unisphere for vmax",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "1.0"
},
{
"model": "xtremio",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "4.0.4-41"
},
{
"model": "vipr srm",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "4.0.1"
},
{
"model": "vipr srm",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "3.6.4"
},
{
"model": "vnx1",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "7.1.82.0"
},
{
"model": "vnxe",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "0"
},
{
"model": "emc solutions enabler",
"scope": "eq",
"trust": 0.3,
"vendor": "dell",
"version": "8.4.0.15"
},
{
"model": "vmax enas",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "8"
},
{
"model": "vnx2 oe for file",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "8.1.9.211"
},
{
"model": "vipr srm",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "3.7.1"
},
{
"model": "vipr srm",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "4.0"
},
{
"model": "solutions enabler",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "8.0"
},
{
"model": "smis",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "8.4.0.6"
},
{
"model": "vnxe3200",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "3.1.5.8711957"
},
{
"model": "emc vmax embedded management",
"scope": "ne",
"trust": 0.3,
"vendor": "dell",
"version": "1.4.0.347"
},
{
"model": "vipr srm",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "4.0.3"
},
{
"model": "solutions enabler",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.20"
},
{
"model": "unity operating environment",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "0"
},
{
"model": "unisphere for vmax",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "8.0.1"
},
{
"model": "solutions enabler",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "8.4.0.8"
},
{
"model": "emc unisphere for vmax",
"scope": "eq",
"trust": 0.3,
"vendor": "dell",
"version": "8.4.0.15"
},
{
"model": "vipr srm",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "3.6.3"
},
{
"model": "vnx2",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "8.1.9.231"
},
{
"model": "emc solutions enabler",
"scope": "eq",
"trust": 0.3,
"vendor": "dell",
"version": "8.3"
},
{
"model": "unisphere for vmax",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "1.1"
},
{
"model": "vnx2 oe for file",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "8.1.9.217"
},
{
"model": "vipr srm",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "3.6.0"
},
{
"model": "unisphere for vmax",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "8.0.2.6"
},
{
"model": "emc vmax embedded management",
"scope": "eq",
"trust": 0.3,
"vendor": "dell",
"version": "1.4"
},
{
"model": "vasa provider virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "8.4.0"
},
{
"model": "vipr srm",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "3.6.2"
},
{
"model": "vnx2 oe for file",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "8.1.9.155"
},
{
"model": "unisphere for vmax",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "8.0"
},
{
"model": "vnxe1600",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "3.1.9.9570228"
},
{
"model": "vnxe3200",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "3.1.0"
},
{
"model": "vnx1",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1.80.3"
},
{
"model": "unisphere for vmax",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "1.6.1.6"
},
{
"model": "vnx2",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "8.0"
},
{
"model": "unity operating environment",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "4.3.0.1522077968"
},
{
"model": "unisphere for vmax",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "8.4.0.8"
},
{
"model": "unisphere for vmax",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "8.0.3.4"
},
{
"model": "unisphere for vmax",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "1.5"
},
{
"model": "vnxe1600",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "0"
},
{
"model": "vipr srm",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "3.7.2"
},
{
"model": "emc solutions enabler",
"scope": "eq",
"trust": 0.3,
"vendor": "dell",
"version": "8.2"
},
{
"model": "vnx1",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.0"
},
{
"model": "vasa provider virtual appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "8.4.0.512"
},
{
"model": "solutions enabler",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.5.883"
},
{
"model": "unisphere for vmax",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "8.0.2"
},
{
"model": "vipr srm",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "4.0.2"
}
],
"sources": [
{
"db": "BID",
"id": "104024"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004978"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-031"
},
{
"db": "NVD",
"id": "CVE-2018-1183"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:dell:emc_smis",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:dell:emc_solutions_enabler_virtual_appliance",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:dell:emc_unisphere",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:dell:emc_unity_operating_environment",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:dell:emc_vasa_provider_virtual_appliance",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:dell:emc_vipr_srm",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:dell:emc_vmax_embedded_management",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:dell:emc_vmax_enas",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:dell:emc_vnx1_operating_environment",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:dell:emc_vnx2_operating_environment",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:dell:emc_vnxe1600_operating_environment",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:dell:emc_vnxe_3100_operating_environment",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:dell:emc_vnxe_3150_operating_environment",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:dell:emc_vnxe3200_operating_environment",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:dell:emc_vnxe_3300__operating_environment",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:dell:emc_xtremio",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-004978"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jakub Palaczynski",
"sources": [
{
"db": "BID",
"id": "104024"
}
],
"trust": 0.3
},
"cve": "CVE-2018-1183",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-1183",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-121728",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-1183",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-1183",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2018-1183",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-201805-031",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-121728",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-121728"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004978"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-031"
},
{
"db": "NVD",
"id": "CVE-2018-1183"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In Dell EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.8, Dell EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.8, Dell EMC VASA Provider Virtual Appliance versions prior to 8.4.0.512, Dell EMC SMIS versions prior to 8.4.0.6, Dell EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4.0.347, Dell EMC VNX2 Operating Environment (OE) for File versions prior to 8.1.9.231, Dell EMC VNX2 Operating Environment (OE) for Block versions prior to 05.33.009.5.231, Dell EMC VNX1 Operating Environment (OE) for File versions prior to 7.1.82.0, Dell EMC VNX1 Operating Environment (OE) for Block versions prior to 05.32.000.5.225, Dell EMC VNXe3200 Operating Environment (OE) all versions, Dell EMC VNXe1600 Operating Environment (OE) versions prior to 3.1.9.9570228, Dell EMC VNXe 3100/3150/3300 Operating Environment (OE) all versions, Dell EMC ViPR SRM versions 3.7, 3.7.1, 3.7.2 (only if using Dell EMC Host Interface for Windows), Dell EMC ViPR SRM versions 4.0, 4.0.1, 4.0.2, 4.0.3 (only if using Dell EMC Host Interface for Windows), Dell EMC XtremIO versions 4.x, Dell EMC VMAX eNAS version 8.x, Dell EMC Unity Operating Environment (OE) versions prior to 4.3.0.1522077968, ECOM is affected by a XXE injection vulnerability due to the configuration of the XML parser shipped with the product. XXE Injection attack may occur when XML input containing a reference to an external entity (defined by the attacker) is processed by an affected XML parser. XXE Injection may allow attackers to gain unauthorized access to files containing sensitive information or may be used to cause denial-of-service. plural Dell EMC The product includes XML An external entity vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. are all products of Dell in the United States. Dell EMC Unisphere for VMAX Virtual Appliance (vApp) is a management tool for VMAX storage arrays. EMC Solutions Enabler Virtual Appliance is a solution application virtual appliance",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-1183"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004978"
},
{
"db": "BID",
"id": "104024"
},
{
"db": "VULHUB",
"id": "VHN-121728"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-1183",
"trust": 2.8
},
{
"db": "BID",
"id": "104024",
"trust": 1.4
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004978",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201805-031",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-121728",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-121728"
},
{
"db": "BID",
"id": "104024"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004978"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-031"
},
{
"db": "NVD",
"id": "CVE-2018-1183"
}
]
},
"id": "VAR-201804-0950",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-121728"
}
],
"trust": 0.6614885079999999
},
"last_update_date": "2024-11-23T22:26:25.136000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.dellemc.com/en-us/index.htm"
},
{
"title": "Multiple Dell EMC Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=79775"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-004978"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-031"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-611",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-121728"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004978"
},
{
"db": "NVD",
"id": "CVE-2018-1183"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://seclists.org/fulldisclosure/2018/apr/61"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/104024"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-1183"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1183"
},
{
"trust": 0.3,
"url": "http://dell.com"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-121728"
},
{
"db": "BID",
"id": "104024"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004978"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-031"
},
{
"db": "NVD",
"id": "CVE-2018-1183"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-121728"
},
{
"db": "BID",
"id": "104024"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004978"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-031"
},
{
"db": "NVD",
"id": "CVE-2018-1183"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-04-30T00:00:00",
"db": "VULHUB",
"id": "VHN-121728"
},
{
"date": "2018-04-25T00:00:00",
"db": "BID",
"id": "104024"
},
{
"date": "2018-07-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-004978"
},
{
"date": "2018-04-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-031"
},
{
"date": "2018-04-30T20:29:00.310000",
"db": "NVD",
"id": "CVE-2018-1183"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-13T00:00:00",
"db": "VULHUB",
"id": "VHN-121728"
},
{
"date": "2018-04-25T00:00:00",
"db": "BID",
"id": "104024"
},
{
"date": "2018-07-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-004978"
},
{
"date": "2018-05-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-031"
},
{
"date": "2024-11-21T03:59:21.123000",
"db": "NVD",
"id": "CVE-2018-1183"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-031"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Dell EMC In product XML External entity vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-004978"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-031"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…