CVE-2023-48664 HIGH

CVE-2023-48664

Vendor Dell

Product vApp Manager

Weakness CWE-78

Published December 14, 2023

Last update August 2, 2024

View on NVD All CVEs

CVSS base score

7.2/10

Attack vector Network

Attack complexity Low

Privileges required High

User interaction None

Confidentiality High

Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability. A remote malicious user with high privileges could potentially exploit this vulnerability leading to the execution of arbitrary OS commands on the affected system.

Key dates

02Disclosure timeline

December 14, 2023 CVE published

August 2, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2023-48664

Related vulnerabilities

04Related CVE

CVE-2023-20163 Cisco Identity Services Engine Command Injection Vulnerabilities CVE-2023-38056 Code execution via System Configuration CVE-2026-1345 Security Vulnerabilities have been found in IBM Verify Identity Access and IBM Security Verify Access CVE-2026-32892 OS Command Injection in Chamilo LMS 1.11.36 CVE-2025-34286 Nagios XI < 2026R1 RCE via Run Check Command in CCM