CVE-2023-48660: Path Traversal
First published: Thu Dec 14 2023(Updated: )
Dell vApp Manger, versions prior to 9.2.4.x contain an arbitrary file read vulnerability. A remote attacker could potentially exploit this vulnerability to read arbitrary files from the target system.
Credit: security_alert@emc.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| EMC Solutions Enabler | <9.2.4.5 | |
| Dell EMC Unisphere | <9.2.4.7 | |
| Dell PowerMax OS | =5978 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2023-48660?
CVE-2023-48660 is considered a high severity vulnerability due to the potential for arbitrary file reading by remote attackers.
How do I fix CVE-2023-48660?
To mitigate CVE-2023-48660, upgrade your Dell vApp Manager, Dell Unisphere for Powermax, and Dell Powermax OS to their latest versions above the specified thresholds.
What versions are affected by CVE-2023-48660?
CVE-2023-48660 affects Dell vApp Manager versions prior to 9.2.4.x, Dell Unisphere for Powermax versions prior to 9.2.4.7, and Dell Powermax OS version 5978.
What could an attacker do if they exploit CVE-2023-48660?
If exploited, an attacker could read arbitrary files on the target system, potentially leading to the exposure of sensitive information.
Is exploitation of CVE-2023-48660 network-based?
Yes, exploitation of CVE-2023-48660 can be performed remotely over the network.
- agent/type
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/references
- agent/remedy
- agent/author
- agent/last-modified-date
- agent/description
- agent/source
- agent/tags
- collector/nvd-api
- agent/software-canonical-lookup-request
- vendor/dell
- canonical/emc solutions enabler
- canonical/dell emc unisphere
- canonical/dell powermax os
- version/dell powermax os/5978