{"id":1121,"date":"2018-05-22T18:23:45","date_gmt":"2018-05-22T18:23:45","guid":{"rendered":"https:\/\/kasperskycontenthub.com\/threatpost\/?p=132179"},"modified":"2018-05-22T18:23:45","modified_gmt":"2018-05-22T18:23:45","slug":"six-vulnerabilities-found-in-dell-emcs-disaster-recovery-system-one-critical","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/six-vulnerabilities-found-in-dell-emcs-disaster-recovery-system-one-critical\/","title":{"rendered":"Six Vulnerabilities Found in Dell EMC\u2019s Disaster Recovery System, One Critical"},"content":{"rendered":"<div class=\"media_block\"><\/div>\n<div><img decoding=\"async\" src=\"https:\/\/media.kasperskycontenthub.com\/wp-content\/uploads\/sites\/31\/2018\/05\/22142242\/Backup_Server_Room.jpg\" class=\"ff-og-image-inserted\"\/><\/div>\n<p>A pen-tester has found six vulnerabilities in Dell EMC RecoverPoint devices, including a critical\u00a0remote code execution flaw that could allow total system compromise.<\/p>\n<p>EMC RecoverPoint is a disaster recovery tool that can be used to back up local and remote information storage, across data centers and across physical and virtual machines. It continuously, in real time, replicates the data, so in the event a system is compromised or data is lost (from, say, a ransomware attack or a natural disaster), RecoverPoint allows a company to go back in time and recover an exact image of that data from a specific moment in time.<\/p>\n<p>Each of the flaws affect all versions of Dell EMC RecoverPoint prior to 5.1.2 and RecoverPoint for Virtual Machines prior to 5.1.1.3. The vendor has so far patched three of the issues, released Monday in advisory DSA-2018-095 (the non-public advisory is available to registered customers via the vendor\u2019s <a href=\"https:\/\/www.emc.com\/products\/security\/product-security-response-center.htm\">Product Security Response Center<\/a>).\u00a0One of the reported issues (PSRC-5489) is treated as a product defect and has been addressed in the same releases; and\u00a0Dell EMC offers remediation for\u00a0the other two with updated product configuration guidance.<\/p>\n<p>The most serious of the vulnerabilities, and one of the patched bugs, is rated critical (<a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2018-1235\">CVE-2018-1235<\/a>, CVSS 9.8). It allows unauthenticated remote code execution with root privileges \u2013 which can pretty much hand over the keys to the kingdom to an attacker.<\/p>\n<p>According to Taylor, a bad actor with visibility of a RecoverPoint device on the network (either remotely or locally) can not only gain complete control over the RecoverPoint device itself, but also the underlying Linux operating system. No credentials are needed to carry out the attack. From there, the perpetrators can pivot to wreak more havoc.<\/p>\n<p>\u201cTo show the extent of compromise possible, during the engagement, once Foregenix had complete control of the RecoverPoint devices, it was then possible to exploit some of the other zero-day vulnerabilities discovered in order to pivot and gain control of the Microsoft Active Directory network that the RecoverPoints were integrated with,\u201d he said in a disclosure <a href=\"https:\/\/www.foregenix.com\/blog\/foregenix-identify-multiple-dellemc-recoverpoint-zero-day-vulnerabilities\">posting<\/a>, in particular the aforementioned insecure configuration option.<\/p>\n<p>Dell EMC and Taylor are providing no further details on the critical-rated flaw for fear attackers could use them as a blueprint to exploit the flaw while companies work to apply the fix.<\/p>\n<p>Another patched vulnerability is a medium-severity administrative menu arbitrary file read flaw (CVE-2018-1242, CVSS 6.7). It allows an attacker with local access to the \u201cboxmgmt\u201d administrative menu to read files from the file system, the vendor said. Interestingly, this same system was <a href=\"http:\/\/seclists.org\/fulldisclosure\/2018\/Feb\/9\">patched<\/a> for a different vulnerability back in February, for a privilege escalation issue that could allow a local attacker to run arbitrary commands with root privileges on the targeted system.<\/p>\n<p>The third patched issue is also a medium-severity bug (CVE-2018-1241, CVSS 6.2). Here, LDAP plaintext credentials are leaked into a Tomcat log file if a user logs into an LDAP account via RecoverPoint\u2019s web interface. The problem is that the credentials can remain in the log file indefinitely, and attackers with access to the RecoverPoint file system can hijack them to then compromise the LDAP account.<\/p>\n<p>The two unpatched vulnerabilities involve the fact that RecoverPoint is shipped with a system password hash stored in a world-readable file (i.e., it can be read by any user, according to Taylor); and the use of a default root password that can only be changed in some versions by contacting the vendor.<\/p>\n<p>Dell EMC initially issued a CVE for the first vulnerability, but then revoked it. A spokesperson told Threatpost that the reported issue, when not chained with other known, patched vulnerabilities, does not result in a negative outcome by itself.<\/p>\n<p>\u201cBased on our internal investigation, the files that contained the grub password hash can only be read by the root user via SSH access (regardless of the file permissions),\u201d he explained. \u201cThe root level user already has access to the grub configuration file that contains the same hash. The root level user can also reset grub password at any time. For these reasons we decided not to assign a CVE for this issue.\u201d<\/p>\n<p>Nonetheless, Dell EMC has fixed the flaw in the latest upgrade, which will\u00a0also remove exposed hashes from the listed files.<\/p>\n<p>As for the password concern, Taylor said that the password at issue is for the root account for RecoverPoint\u2019s underlying Linux OS. Thus, compromising the root password of one device means that an attacker could gain control over all of the devices using that same default password, by logging in at the local console, or gaining console access as an unprivileged user, and changing to root.<\/p>\n<p>\u201cRemote login for the root account is disabled by default in RecoverPoint and Dell EMC recommends against changing this default setting for security reasons,\u201d the spokesperson told us. However, he added that customers can self-manage the root password in newer versions, and the vendor has updated its documentation to include detailed instructions for how to change it. For older versions\u00a0of the product, Dell EMC is advising customers to contact customer support for assistance.<\/p>\n<p>And finally, the insecure configuration allows LDAP credentials to be sent in clear text, which means they can be intercepted by attackers in a a man-in-the-middle offensive, or by someone who has gained access to the RecoverPoint device using another vulnerability. The stakes are high on this one if the critical patch hasn\u2019t been applied: Foregenix was able to exploit this flaw to intercept credentials sent from the RecoverPoint device, in order to compromise a Microsoft Active Directory domain.<\/p>\n<p>LDAP settings are configured during the product installation.<em>\u00a0<\/em>Dell EMC said that the RecoverPoint documentation provides a warning about the insecure nature of that particular configuration, so users are setting it up that way at their own risk. The vendor advises customers to use LDAP over SSL for security reasons, instead, and provides instructions for how to do that in the documentation.<\/p>\n<p>\u201cWe thank Forgenix Ltd. for bringing this to our attention and its cooperation with Dell EMC to ensure coordinated disclosure,\u201d the vendor said in a media statement. \u201cDell EMC follows best practices in managing and responding to security vulnerabilities discovered in our products. Our goal is to provide customers with timely information, guidance and mitigation to address threats from vulnerabilities.\u201d<\/p>\n<p>READ MORE <a href=\"https:\/\/threatpost.com\/six-vulnerabilities-found-in-dell-emcs-disaster-recovery-system-one-critical\/132179\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>A pen-tester has found five vulnerabilities in Dell EMC RecoverPoint devices, including a critical RCE that could allow total system compromise. READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":1122,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[3],"tags":[700,701,702,211,18,493,703,704,244,705,19],"class_list":["post-1121","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-threatpost","tag-dell-emc","tag-disaster-recovery","tag-dsa-2018-095","tag-featured","tag-hacks","tag-linux","tag-paul-taylor","tag-recoverpoint","tag-remote-code-execution","tag-virtual-machines","tag-vulnerabilities"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.7 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Six Vulnerabilities Found in Dell EMC\u2019s Disaster Recovery System, One Critical 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/six-vulnerabilities-found-in-dell-emcs-disaster-recovery-system-one-critical\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Six Vulnerabilities Found in Dell EMC\u2019s Disaster Recovery System, One Critical 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/six-vulnerabilities-found-in-dell-emcs-disaster-recovery-system-one-critical\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2018-05-22T18:23:45+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/six-vulnerabilities-found-in-dell-emcs-disaster-recovery-system-one-critical.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"700\" \/>\n\t<meta property=\"og:image:height\" content=\"457\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/six-vulnerabilities-found-in-dell-emcs-disaster-recovery-system-one-critical\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/six-vulnerabilities-found-in-dell-emcs-disaster-recovery-system-one-critical\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Six Vulnerabilities Found in Dell EMC\u2019s Disaster Recovery System, One Critical\",\"datePublished\":\"2018-05-22T18:23:45+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/six-vulnerabilities-found-in-dell-emcs-disaster-recovery-system-one-critical\\\/\"},\"wordCount\":1067,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/six-vulnerabilities-found-in-dell-emcs-disaster-recovery-system-one-critical\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/05\\\/six-vulnerabilities-found-in-dell-emcs-disaster-recovery-system-one-critical.jpg\",\"keywords\":[\"Dell EMC\",\"Disaster Recovery\",\"DSA-2018-095\",\"Featured\",\"Hacks\",\"Linux\",\"paul taylor\",\"recoverpoint\",\"remote code execution\",\"virtual machines\",\"Vulnerabilities\"],\"articleSection\":[\"Threatpost\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/six-vulnerabilities-found-in-dell-emcs-disaster-recovery-system-one-critical\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/six-vulnerabilities-found-in-dell-emcs-disaster-recovery-system-one-critical\\\/\",\"name\":\"Six Vulnerabilities Found in Dell EMC\u2019s Disaster Recovery System, One Critical 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/six-vulnerabilities-found-in-dell-emcs-disaster-recovery-system-one-critical\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/six-vulnerabilities-found-in-dell-emcs-disaster-recovery-system-one-critical\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/05\\\/six-vulnerabilities-found-in-dell-emcs-disaster-recovery-system-one-critical.jpg\",\"datePublished\":\"2018-05-22T18:23:45+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/six-vulnerabilities-found-in-dell-emcs-disaster-recovery-system-one-critical\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/six-vulnerabilities-found-in-dell-emcs-disaster-recovery-system-one-critical\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/six-vulnerabilities-found-in-dell-emcs-disaster-recovery-system-one-critical\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/05\\\/six-vulnerabilities-found-in-dell-emcs-disaster-recovery-system-one-critical.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/05\\\/six-vulnerabilities-found-in-dell-emcs-disaster-recovery-system-one-critical.jpg\",\"width\":700,\"height\":457},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/six-vulnerabilities-found-in-dell-emcs-disaster-recovery-system-one-critical\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Dell EMC\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/dell-emc\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Six Vulnerabilities Found in Dell EMC\u2019s Disaster Recovery System, One Critical\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Six Vulnerabilities Found in Dell EMC\u2019s Disaster Recovery System, One Critical 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/six-vulnerabilities-found-in-dell-emcs-disaster-recovery-system-one-critical\/","og_locale":"en_US","og_type":"article","og_title":"Six Vulnerabilities Found in Dell EMC\u2019s Disaster Recovery System, One Critical 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/six-vulnerabilities-found-in-dell-emcs-disaster-recovery-system-one-critical\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2018-05-22T18:23:45+00:00","og_image":[{"width":700,"height":457,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/six-vulnerabilities-found-in-dell-emcs-disaster-recovery-system-one-critical.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/six-vulnerabilities-found-in-dell-emcs-disaster-recovery-system-one-critical\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/six-vulnerabilities-found-in-dell-emcs-disaster-recovery-system-one-critical\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Six Vulnerabilities Found in Dell EMC\u2019s Disaster Recovery System, One Critical","datePublished":"2018-05-22T18:23:45+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/six-vulnerabilities-found-in-dell-emcs-disaster-recovery-system-one-critical\/"},"wordCount":1067,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/six-vulnerabilities-found-in-dell-emcs-disaster-recovery-system-one-critical\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/six-vulnerabilities-found-in-dell-emcs-disaster-recovery-system-one-critical.jpg","keywords":["Dell EMC","Disaster Recovery","DSA-2018-095","Featured","Hacks","Linux","paul taylor","recoverpoint","remote code execution","virtual machines","Vulnerabilities"],"articleSection":["Threatpost"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/six-vulnerabilities-found-in-dell-emcs-disaster-recovery-system-one-critical\/","url":"https:\/\/www.threatshub.org\/blog\/six-vulnerabilities-found-in-dell-emcs-disaster-recovery-system-one-critical\/","name":"Six Vulnerabilities Found in Dell EMC\u2019s Disaster Recovery System, One Critical 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/six-vulnerabilities-found-in-dell-emcs-disaster-recovery-system-one-critical\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/six-vulnerabilities-found-in-dell-emcs-disaster-recovery-system-one-critical\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/six-vulnerabilities-found-in-dell-emcs-disaster-recovery-system-one-critical.jpg","datePublished":"2018-05-22T18:23:45+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/six-vulnerabilities-found-in-dell-emcs-disaster-recovery-system-one-critical\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/six-vulnerabilities-found-in-dell-emcs-disaster-recovery-system-one-critical\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/six-vulnerabilities-found-in-dell-emcs-disaster-recovery-system-one-critical\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/six-vulnerabilities-found-in-dell-emcs-disaster-recovery-system-one-critical.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/six-vulnerabilities-found-in-dell-emcs-disaster-recovery-system-one-critical.jpg","width":700,"height":457},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/six-vulnerabilities-found-in-dell-emcs-disaster-recovery-system-one-critical\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Dell EMC","item":"https:\/\/www.threatshub.org\/blog\/tag\/dell-emc\/"},{"@type":"ListItem","position":3,"name":"Six Vulnerabilities Found in Dell EMC\u2019s Disaster Recovery System, One Critical"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/1121","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=1121"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/1121\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/1122"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=1121"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=1121"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=1121"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}