Dell Data Lakehouse vulnerabilities
4 known vulnerabilities affecting dell/dell_data_lakehouse.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2024-37143P2CRITICALCVSS 9.8≥ N/A, < 1.2.0.02024-12-10
CVE-2024-37143 [CRITICAL] CWE-59 CVE-2024-37143: Dell PowerFlex appliance versions prior to IC 46.381.00 and IC 46.376.00, Dell PowerFlex rack versio
Dell PowerFlex appliance versions prior to IC 46.381.00 and IC 46.376.00, Dell PowerFlex rack versions prior to RCM 3.8.1.0 (for RCM 3.8.x train) and prior to RCM 3.7.6.0 (for RCM 3.7.x train), Dell PowerFlex custom node using PowerFlex Manager versions prior to 4.6.1.0, Dell InsightIQ versions prior to 5.1.1, and Dell Data Lakehouse versions prior
nvd
CVE-2024-37144P4MEDIUMCVSS 6.7≥ N/A, < 1.2.0.02024-12-10
CVE-2024-37144 [MEDIUM] CWE-922 CVE-2024-37144: Dell PowerFlex appliance versions prior to IC 46.381.00 and IC 46.376.00, Dell PowerFlex rack versio
Dell PowerFlex appliance versions prior to IC 46.381.00 and IC 46.376.00, Dell PowerFlex rack versions prior to RCM 3.8.1.0 (for RCM 3.8.x train) and prior to RCM 3.7.6.0 (for RCM 3.7.x train), Dell PowerFlex custom node using PowerFlex Manager versions prior to 4.6.1.0, Dell InsightIQ versions prior to 5.1.1, and Dell Data Lakehouse versions prior
nvd
CVE-2024-47481P4MEDIUMCVSS 6.5v1.0.0.0v1.1.0.02024-10-25
CVE-2024-47481 [MEDIUM] CWE-284 CVE-2024-47481: Dell Data Lakehouse, version(s) 1.0.0.0, 1.1.0., contain(s) an Improper Access Control vulnerability
Dell Data Lakehouse, version(s) 1.0.0.0, 1.1.0., contain(s) an Improper Access Control vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Denial of service.
nvd
CVE-2024-38302P4MEDIUMCVSS 5.7v1.0.0.02024-07-18
CVE-2024-38302 [MEDIUM] CWE-311 CVE-2024-38302: Dell Data Lakehouse, version(s) 1.0.0.0, contain(s) a Missing Encryption of Sensitive Data vulnerabi
Dell Data Lakehouse, version(s) 1.0.0.0, contain(s) a Missing Encryption of Sensitive Data vulnerability in the DDAE (Starburst). A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to Information disclosure.
nvd