CVE-2024-53296Stack-based Buffer Overflow in Dell Data Domain Operating System

CWE-121Stack-based Buffer OverflowCWE-787Out-of-bounds Write3 documents3 sources
Severity
4.9MEDIUMNVD
CNA2.7
EPSS
0.2%
top 56.06%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Dell Data Domain Operating SystemDell Powerprotect DD
Timeline
PublishedFeb 1

Description

Dell PowerProtect DD versions prior to 7.10.1.50 and 7.13.1.20 contain a Stack-based Buffer Overflow vulnerability in the RestAPI. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:HExploitability: 1.2 | Impact: 3.6

Affected Packages2 packages

CVEListV5dell/powerprotect_dd7.13.1.07.13.1.10+1
NVDdell/data_domain_operating_system7.10.1.07.10.1.50+1

🔴Vulnerability Details

2
GHSA
GHSA-vg73-6hh6-2hpv: Dell PowerProtect DD versions prior to 72025-02-01
CVEList
CVE-2024-53296: Dell PowerProtect DD versions prior to 72025-02-01
CVE-2024-53296 — Stack-based Buffer Overflow in Dell | cvebase