Improper Check or Handling of Exceptional Conditions Vulnerability in Cluster Component
CVE-2024-38482

7.2HIGH

Key Information:

Vendor: CloudLink
Status: ClouD-Link
Vendor: CVE Published:; 2 August 2024

What is CVE-2024-38482?

CloudLink versions 7.1.x and 8.x from Dell are affected by a vulnerability that involves improper checking and handling of exceptional conditions within the Cluster Component. This issue allows a highly privileged malicious user with remote access to exploit the vulnerability, resulting in unauthorized actions that could compromise sensitive information stored within the database. Proper security measures and updates are recommended to mitigate potential exploitation.

References

https://www.dell.com/support/kbdoc/en-us/000227493/dsa-20...

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 2, 2024