Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an OS command injection vulnerability in administrator CLI. A local high privileged attacker could potentially exploit this vulnerability, to bypass security restrictions. Exploitation may lead to a system take over by an attacker
2023-12-14T16:15:46.017
2024-11-21T08:25:34.707
Modified
CVSSv3.1: 6.7 (MEDIUM)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | dell | powerprotect_data_protection | < 2.7.6 | Yes |
| Hardware | dell | dp4400 | - | No |
| Hardware | dell | dp5900 | - | No |
| Application | dell | apex_protection_storage | < 6.2.1.110 | Yes |
| Application | dell | apex_protection_storage | < 7.10.1.15 | Yes |
| Application | dell | powerprotect_data_domain | < 6.2.1.110 | Yes |
| Application | dell | powerprotect_data_domain | < 7.12.0.0 | Yes |
| Application | dell | powerprotect_data_domain_management_center | < 6.2.1.110 | Yes |
| Application | dell | powerprotect_data_domain_management_center | < 7.13.0.10 | Yes |
| Operating System | dell | emc_data_domain_os | < 6.2.1.110 | Yes |
| Operating System | dell | emc_data_domain_os | < 7.12.0.0 | Yes |
| Operating System | dell | emc_data_domain_os | < 7.7.5.25 | Yes |
| Operating System | dell | emc_data_domain_os | < 7.10.1.15 | Yes |
| Operating System | dell | powerprotect_data_domain_management_center | < 7.7.5.25 | Yes |
| Operating System | dell | powerprotect_data_domain_management_center | < 7.10.1.15 | Yes |
| Hardware | dell | dd3300 | - | No |
| Hardware | dell | dd6400 | - | No |
| Hardware | dell | dd6900 | - | No |
| Hardware | dell | dd9400 | - | No |
| Hardware | dell | dd9900 | - | No |