PowerProtect DD Vulnerability Could Lead to Escalation of Privilege
CVE-2024-48010

7.2HIGH

Key Information:

Vendor: Dell
Status: Powerprotect Dd
Vendor: CVE Published:; 8 November 2024

What is CVE-2024-48010?

Dell PowerProtect DD versions prior to 8.1.0.0, along with specific earlier versions, are susceptible to an access control vulnerability. This issue allows remote attackers with high privileges to potentially exploit the vulnerability, leading to unauthorized escalation of privileges within the application. It is crucial for organizations using affected versions to apply recommended security updates promptly to mitigate risks associated with potential exploits.

Affected Version(s)

PowerProtect DD 7.7.1 <= 8.0.0.0

PowerProtect DD < 7.13.1.10

PowerProtect DD < 7.10.1.40

References

https://www.dell.com/support/kbdoc/en-us/000245360/dsa-20...

vendor-advisory

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 8, 2024
Vulnerability Reserved
Oct 8, 2024