Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-45759

Dell PowerProtect Data Domain, versions prior to 8.1.0.0, 7.13.1.10, 7.10.1.40, and 7.7.5.50, contains an escalation of privilege vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to unauthorized execution of certain commands to overwrite system config of the application. Exploitation may lead to denial of service of system.

Published

2024-11-08T03:15:03.647

Last Modified

2024-11-26T02:10:03.923

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 6.8 (MEDIUM)

Weaknesses

Type: Secondary
CWE-266
Type: Primary
NVD-CWE-Other

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	dell	data_domain_operating_system	< 7.7.5.50	Yes
Operating System	dell	data_domain_operating_system	< 7.10.1.40	Yes
Operating System	dell	data_domain_operating_system	< 7.13.1.10	Yes
Operating System	dell	data_domain_operating_system	< 8.1.0.0	Yes

References

https://www.dell.com/support/kbdoc/en-us/000245360/dsa-2024-424-security-update-for-dell-pdsa-2024-424-security-update-for-dell-powerprotect-dd-vulnerabilityowerprotect-dd-vulnerability Vendor Advisory ([email protected])