Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-44286

Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain a DOM-based Cross-Site Scripting vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the injection of malicious HTML or JavaScript code to a victim user's DOM environment in the browser. . Exploitation may lead to information disclosure, session theft, or client-side request forgery.

Published

2023-12-14T16:15:48.200

Last Modified

2024-11-21T08:25:35.523

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 8.8 (HIGH)

Weaknesses
  • Type: Secondary
    CWE-79
  • Type: Primary
    CWE-79
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application dell powerprotect_data_protection < 2.7.6 Yes
Hardware dell dp4400 - No
Hardware dell dp5900 - No
Application dell apex_protection_storage < 6.2.1.110 Yes
Application dell apex_protection_storage < 7.10.1.15 Yes
Application dell powerprotect_data_domain < 6.2.1.110 Yes
Application dell powerprotect_data_domain < 7.12.0.0 Yes
Application dell powerprotect_data_domain_management_center < 6.2.1.110 Yes
Application dell powerprotect_data_domain_management_center < 7.13.0.10 Yes
Operating System dell emc_data_domain_os < 6.2.1.110 Yes
Operating System dell emc_data_domain_os < 7.12.0.0 Yes
Operating System dell emc_data_domain_os < 7.7.5.25 Yes
Operating System dell emc_data_domain_os < 7.10.1.15 Yes
Operating System dell powerprotect_data_domain_management_center < 7.7.5.25 Yes
Operating System dell powerprotect_data_domain_management_center < 7.10.1.15 Yes
Hardware dell dd3300 - No
Hardware dell dd6400 - No
Hardware dell dd6900 - No
Hardware dell dd9400 - No
Hardware dell dd9900 - No
References