Use of Hardcoded Credentials Vulnerability in Dell PowerScale InsightIQ
CVE-2024-39582

4.4MEDIUM

Key Information:

Vendor: Dell
Status: Powerscale Insightiq
Vendor: CVE Published:; 10 September 2024

Summary

The Dell PowerScale InsightIQ version 5.0 is affected by a vulnerability that involves the use of hardcoded credentials. This flaw potentially allows a high-privileged attacker with local access to exploit the system, resulting in unauthorized information disclosure. It is crucial for users of this product to be aware of the risk and to take necessary precautions to mitigate potential threats. For further information and updates, refer to Dell's security advisory.

Affected Version(s)

PowerScale InsightIQ 5.0

References

https://www.dell.com/support/kbdoc/en-us/000228412/dsa-20...

vendor-advisory

CVSS V3.1

Score:

4.4

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 10, 2024
Vulnerability Reserved
Jun 26, 2024