Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-48007

Dell RecoverPoint for Virtual Machines 6.0.x contains use of hard-coded credentials vulnerability. A Remote unauthenticated attacker could potentially exploit this vulnerability by gaining access to the source code, easily retrieving these secrets and reusing them to access the system leading to gaining access to unauthorized data.

Published

2024-12-13T14:15:22.147

Last Modified

2025-03-13T16:15:23.800

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.3 (MEDIUM)

Weaknesses

Type: Primary
CWE-798
Type: Secondary
CWE-798

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	dell	recoverpoint_for_virtual_machines	6.0	Yes
Application	dell	recoverpoint_for_virtual_machines	6.0	Yes

References

https://www.dell.com/support/kbdoc/en-us/000259765/dsa-2024-429-security-update-for-dell-recoverpoint-for-virtual-machines-multiple-third-party-component-vulnerabilities Vendor Advisory ([email protected])