Dell PowerProtect Data Domain, versions prior to 8.1.0.0, 7.13.1.10, 7.10.1.40, and 7.7.5.50, contains an escalation of privilege vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to unauthorized execution of certain commands to overwrite system config of the application. Exploitation may lead to denial of service of system.
History

Tue, 26 Nov 2024 02:30:00 +0000

Type Values Removed Values Added
First Time appeared Dell
Dell data Domain Operating System
Weaknesses NVD-CWE-Other
CPEs cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*
Vendors & Products Dell
Dell data Domain Operating System

Fri, 08 Nov 2024 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 08 Nov 2024 03:00:00 +0000

Type Values Removed Values Added
Description Dell PowerProtect Data Domain, versions prior to 8.1.0.0, 7.13.1.10, 7.10.1.40, and 7.7.5.50, contains an escalation of privilege vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to unauthorized execution of certain commands to overwrite system config of the application. Exploitation may lead to denial of service of system.
Weaknesses CWE-266
References
Metrics cvssV3_1

{'score': 6.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: dell

Published: 2024-11-08T02:48:42.259Z

Updated: 2024-11-08T15:56:51.934Z

Reserved: 2024-09-06T06:30:30.480Z

Link: CVE-2024-45759

cve-icon Vulnrichment

Updated: 2024-11-08T15:56:48.272Z

cve-icon NVD

Status : Analyzed

Published: 2024-11-08T03:15:03.647

Modified: 2024-11-26T02:10:03.923

Link: CVE-2024-45759

cve-icon Redhat

No data.