{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-03T02:49:04.206","vulnerabilities":[{"cve":{"id":"CVE-2018-11064","sourceIdentifier":"security_alert@emc.com","published":"2018-10-05T21:29:00.387","lastModified":"2024-11-21T03:42:36.360","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Dell EMC Unity OE versions 4.3.0.x and 4.3.1.x and UnityVSA OE versions 4.3.0.x and 4.3.1.x contains an Incorrect File Permissions vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability to alter multiple library files in service tools that might result in arbitrary code execution with elevated privileges. No user file systems are directly affected by this vulnerability."},{"lang":"es","value":"Dell EMC Unity OE en versiones 4.3.0.x y 4.3.1.x y UnityVSA OE en versiones 4.3.0.x y 4.3.1.x contienen una vulnerabilidad de permisos de archivo incorrectos. Un usuario malicioso autenticado localmente podría explotar esta vulnerabilidad para alterar múltiples archivos en las herramientas del servicio, lo que podría resultar en la ejecución de código arbitrario con privilegios elevados. Ningún sistema de archivos del usuario se ve directamente afectado por esta vulnerabilidad."}],"metrics":{"cvssMetricV30":[{"source":"security_alert@emc.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-732"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:dell:emc_unity_operating_environment:*:*:*:*:*:*:*:*","versionStartIncluding":"4.3.0.1522077968","versionEndIncluding":"4.3.1.1525703027","matchCriteriaId":"1F2560A8-0636-4902-A476-CF9B58619A49"},{"vulnerable":true,"criteria":"cpe:2.3:a:dell:emc_unityvsa_operating_environment:*:*:*:*:*:*:*:*","versionStartIncluding":"4.3.0.1522077968","versionEndIncluding":"4.3.1.1525703027","matchCriteriaId":"5EC48046-98E6-454B-86DF-C2316605E4C6"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/105447","source":"security_alert@emc.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://seclists.org/fulldisclosure/2018/Sep/55","source":"security_alert@emc.com","tags":["Mailing List","Third Party Advisory"]},{"url":"http://www.securityfocus.com/bid/105447","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://seclists.org/fulldisclosure/2018/Sep/55","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}}]}