Dell PowerProtect DD, versions prior to 8.1.0.0, 7.13.1.10, 7.10.1.40, and 7.7.5.50, contains an access control vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to escalation of privilege on the application.
History

Tue, 26 Nov 2024 19:45:00 +0000

Type Values Removed Values Added
First Time appeared Dell data Domain Operating System
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*
Vendors & Products Dell data Domain Operating System

Fri, 08 Nov 2024 16:15:00 +0000

Type Values Removed Values Added
First Time appeared Dell
Dell apex Protection Storage
Dell emc Data Domain Os
Dell powerprotect Data Domain
Dell powerprotect Data Domain Management Center
CPEs cpe:2.3:a:dell:apex_protection_storage:*:*:*:*:*:*:*:*
cpe:2.3:a:dell:powerprotect_data_domain:*:*:*:*:*:*:*:*
cpe:2.3:a:dell:powerprotect_data_domain:-:*:*:*:virtual:*:*:*
cpe:2.3:a:dell:powerprotect_data_domain_management_center:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:emc_data_domain_os:*:*:*:*:*:*:*:*
Vendors & Products Dell
Dell apex Protection Storage
Dell emc Data Domain Os
Dell powerprotect Data Domain
Dell powerprotect Data Domain Management Center
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Fri, 08 Nov 2024 03:15:00 +0000

Type Values Removed Values Added
Description Dell PowerProtect DD, versions prior to 8.1.0.0, 7.13.1.10, 7.10.1.40, and 7.7.5.50, contains an access control vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to escalation of privilege on the application.
Weaknesses CWE-284
References
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: dell

Published: 2024-11-08T03:01:01.903Z

Updated: 2024-11-08T15:56:27.836Z

Reserved: 2024-10-08T05:40:53.868Z

Link: CVE-2024-48010

cve-icon Vulnrichment

Updated: 2024-11-08T15:56:15.389Z

cve-icon NVD

Status : Analyzed

Published: 2024-11-08T03:15:03.933

Modified: 2024-11-26T19:26:13.733

Link: CVE-2024-48010

cve-icon Redhat

No data.