Dell RecoverPoint Virtual Machine Vulnerability Could Lead to Information Disclosure and Unintended Actions
CVE-2024-48008
6.5MEDIUM
Key Information:
- Vendor
Dell
- Vendor
- CVE Published:
- 13 December 2024
What is CVE-2024-48008?
Dell RecoverPoint for Virtual Machines 6.0.x is susceptible to an OS Command Injection vulnerability, enabling low privileged remote attackers to exploit the flaw. Successful exploitation may lead to sensitive information disclosure, allowing unauthorized actions such as the retrieval of files containing confidential data. Proper security measures should be evaluated and implemented to mitigate this risk.
Affected Version(s)
RecoverPoint for Virtual Machines 6.0 SP1
RecoverPoint for Virtual Machines 6.0 SP1 P1