Dell Data Lakehouse Vulnerable to Missing Encryption of Sensitive Data
CVE-2024-38302
6.8MEDIUM
Summary
Dell Data Lakehouse, version(s) 1.0.0.0, contain(s) a Missing Encryption of Sensitive Data vulnerability in the DDAE (Starburst). A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to Information disclosure.
Affected Version(s)
Dell Data Lakehouse = 1.0.0.0
References
CVSS V3.1
Score:
6.8
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
None
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved
Collectors
NVD DatabaseMitre Database