CVE-2024-48011Sensitive Information Exposure in Dell Powerprotect DD

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
6.5MEDIUMNVD
CNA3.1
EPSS
0.6%
top 31.12%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Dell Powerprotect DDDell Data Domain Operating System
Timeline
PublishedNov 8

Description

Dell PowerProtect DD, versions prior to 7.7.5.50, contains an Exposure of Sensitive Information to an Unauthorized Actor vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

CVEListV5dell/powerprotect_ddN/A7.7.5.50
NVDdell/data_domain_operating_system7.07.7.5.50

🔴Vulnerability Details

2
CVEList
CVE-2024-48011: Dell PowerProtect DD, versions prior to 72024-11-08
GHSA
GHSA-87vq-q7vm-pf75: Dell PowerProtect DD, versions prior to 72024-11-08