CVE-2021-4406 - Authenticated Remote COmmand Execution as root in OSNEXUS QuantaStor version 6.0.0.355 and others
CVE | CVE-2021-4406 | |||||||||||
Credits | ||||||||||||
Affected products |
|
|||||||||||
CVSS |
Base score:
9.1
(CRITICAL) |
|||||||||||
References |
|
|||||||||||
Problem type(s) | CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection') | |||||||||||
Solution(s) | Upgrade to the latest version of OSNEXUS QuantaStor and hope it is fixed | |||||||||||
Last modified | 06 Jul 2023 15:43 |
Description
An administrator is able to execute commands as root via the alerts management dialog
JSON version