1. Home
  2. Mapping Frameworks
  3. CVE Home
  4. VNX Control Station in Dell EMC VNX2 OE for File

CVE CVE-2019-3704 Mappings

VNX Control Station in Dell EMC VNX2 OE for File versions prior to 8.1.9.236 contains OS command injection vulnerability. Due to inadequate restriction configured in sudores, a local authenticated malicious user could potentially execute arbitrary OS commands as root by exploiting this vulnerability.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
CVE-2019-3704 VNX Control Station in Dell EMC VNX2 OE for File primary_impact T1059 Command and Scripting Interpreter
CVE-2019-3704 VNX Control Station in Dell EMC VNX2 OE for File secondary_impact T1068 Exploitation for Privilege Escalation
CVE-2019-3704 VNX Control Station in Dell EMC VNX2 OE for File exploitation_technique T1078 Valid Accounts