Low Encryption Strength Vulnerability in Dell Data Protection Advisor Could Lead to Denial of Service

CVE-2024-28974

7.6HIGH

Key Information

Vendor: Dell
Status: Data Protection Advisor; Powerprotect Dp Series Appliance (idpa)
Vendor: CVE Published:; 29 May 2024

Summary

Dell Data Protection Advisor, version(s) 19.9, contain(s) an Inadequate Encryption Strength vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service.

Affected Version(s)

Data Protection Advisor <= 19.9

PowerProtect DP Series Appliance (IDPA) <= 2.7.6

CVSS V3.1

Score:

7.6

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
May 29, 2024
Vulnerability Reserved.
Mar 13, 2024

Collectors

NVD DatabaseMitre Database