Main Vulnerability Database Vulnerabilities #VU15915

Resource exhaustion in RecoverPoint for VMs and RecoverPoint - CVE-2018-15772

Published: November 15, 2018

Vulnerability identifier: #VU15915

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2018-15772

CWE-ID: CWE-400

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Dell

Affected software:
RecoverPoint for VMs
RecoverPoint

Detailed vulnerability description

The vulnerability allows a remote attacker to cause DoS condition.

The vulnerability exists due to resource exhaustion. A remote boxmgmt attacker can consume large amount of CPU bandwidth to make the system slow or to determine the existence of any system file via Boxmgmt CLI.

How to mitigate CVE-2018-15772

Update RecoverPoint to version 5.1.2.1 and RecoverPoint for VMs to version 5.2.0.2.

Sources

https://seclists.org/fulldisclosure/2018/Nov/34

Resource exhaustion in RecoverPoint for VMs and RecoverPoint - CVE-2018-15772

Detailed vulnerability description

How to mitigate CVE-2018-15772

Sources

Please verify you're human