CVE-2023-48667
published 2023-12-14CVE-2023-48667: Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an OS command injection vulnerability in administrator CLI. A…
PriorityP351high7.2CVSS 3.1
AVNACLPRHUINSUCHIHAH
EPSS
1.78%
75.5th percentile
Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an OS command injection vulnerability in administrator CLI. A remote high privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS to bypass security restriction. Exploitation may lead to a system take over by an attacker.
Affected
14 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dell | apex_protection_storage | < 6.2.1.110 | 6.2.1.110 |
| dell | apex_protection_storage | >= 7.0 < 7.10.1.15 | 7.10.1.15 |
| dell | emc_data_domain_os | < 6.2.1.110 | 6.2.1.110 |
| dell | emc_data_domain_os | >= 7.0 < 7.12.0.0 | 7.12.0.0 |
| dell | emc_data_domain_os | >= 7.10 < 7.10.1.15 | 7.10.1.15 |
| dell | emc_data_domain_os | >= 7.7 < 7.7.5.25 | 7.7.5.25 |
| dell | powerprotect_data_domain | < 6.2.1.110 | 6.2.1.110 |
| dell | powerprotect_data_domain | >= 7.0 < 7.12.0.0 | 7.12.0.0 |
| dell | powerprotect_data_domain_management_center | < 6.2.1.110 | 6.2.1.110 |
| dell | powerprotect_data_domain_management_center | >= 7.0 < 7.13.0.10 | 7.13.0.10 |
| dell | powerprotect_data_domain_management_center | >= 7.10 < 7.10.1.15 | 7.10.1.15 |
| dell | powerprotect_data_domain_management_center | >= 7.7 < 7.7.5.25 | 7.7.5.25 |
| dell | powerprotect_data_protection | < 2.7.6 | 2.7.6 |
| dell | powerprotect_dd | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2023-12-14
Published