Privilege Escalation Vulnerability in Dell VxRail API Gateway
CVE-2024-38487

7HIGH

Key Information:

Vendor: Dell
Status: Emc Vxrail Appliance
Vendor: CVE Published:; 16 June 2026

What is CVE-2024-38487?

A vulnerability exists in the API Gateway component of Dell VxRail that allows an attacker with sufficient access to escape the container environment. If exploited, this flaw enables unauthorized access to the host system, potentially allowing the attacker to perform unintended actions with elevated permissions. It is crucial to apply the necessary security updates to mitigate the risks associated with this vulnerability.

Affected Version(s)

EMC VxRail Appliance 0 < 7.0.520

References

https://www.dell.com/support/kbdoc/en-us/000226270/dsa-20...

vendor-advisory

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 16, 2026
Vulnerability Reserved
Jun 18, 2024

CVE-2024-38487 Data

JSON