Dell PowerProtect Data Domain Vulnerability: Local Privilege Escalation Risk

CVE-2024-45759

6.8MEDIUM

Key Information

Vendor: Dell
Status: Powerprotect Dd
Vendor: CVE Published:; 8 November 2024

Summary

Dell PowerProtect Data Domain, versions prior to 8.1.0.0, 7.13.1.10, 7.10.1.40, and 7.7.5.50, contains an escalation of privilege vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to unauthorized execution of certain commands to overwrite system config of the application. Exploitation may lead to denial of service of system.

Affected Version(s)

PowerProtect DD <= 8.0.0.0

PowerProtect DD < 7.13.1.10

PowerProtect DD < 7.10.1.40

CVSS V3.1

Score:

6.8

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published.
Nov 8, 2024
Vulnerability Reserved.
Sep 6, 2024

Collectors

NVD DatabaseMitre Database