DSM 2022.2 SU2 and all prior versions allows a local low privileged account to execute arbitrary OS commands as the DSM software installation user.
2023-08-10T20:15:09.657
2024-11-21T07:54:27.773
Modified
CVSSv3.1: 7.8 (HIGH)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | ivanti | desktop_\&_server_management | < 2022.2 | Yes |
| Application | ivanti | desktop_\&_server_management | 2022.2 | Yes |
| Application | ivanti | desktop_\&_server_management | 2022.2 | Yes |
| Application | ivanti | desktop_\&_server_management | 2022.2 | Yes |