Low Encryption Strength Vulnerability in Dell Data Protection Advisor Could Lead to Denial of Service
CVE-2024-28974

6.5MEDIUM

Key Information:

Vendor: Dell
Status: Data Protection Advisor; Powerprotect Dp Series Appliance (idpa)
Vendor: CVE Published:; 29 May 2024

What is CVE-2024-28974?

The Inadequate Encryption Strength vulnerability present in Dell Data Protection Advisor version 19.9 allows low privileged attackers with remote access to exploit the weakness. This exploitation can potentially lead to a Denial of Service condition, impacting the availability of the service. As the vulnerability stems from insufficient encryption measures, it is critical for organizations using this product to apply security updates and configurations recommended by Dell to mitigate the risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Data Protection Advisor 19.5 <= 19.9

PowerProtect DP Series Appliance (IDPA) <= 2.7.6

References

https://www.dell.com/support/kbdoc/en-us/000225088/dsa-20...

vendor-advisory

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 29, 2024
Vulnerability Reserved
Mar 13, 2024

JSON

Dell

What is CVE-2024-28974?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.