CVE-2024-22433

🗓️ 01 Feb 2024 15:57:46Reported by dellType

Dell DP Search 19.2.0+ exposed plain text password opportunity in LdapSettings.get_ldap_inf

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2024-22433	6 Feb 202408:26	–	circl
CNNVD	Dell Data Protection Search Security Vulnerability	6 Feb 202400:00	–	cnnvd
Cvelist	CVE-2024-22433	1 Feb 202415:57	–	cvelist
EUVD	EUVD-2024-19977	3 Oct 202520:07	–	euvd
NVD	CVE-2024-22433	6 Feb 202407:15	–	nvd
OSV	CVE-2024-22433	6 Feb 202407:15	–	osv
Prion	Design/Logic Flaw	6 Feb 202407:15	–	prion
Vulnrichment	CVE-2024-22433	1 Feb 202415:57	–	vulnrichment

NVD

Vulners

Node

dell data_protection_searchRange19.2.0–19.6.4

[
  {
    "defaultStatus": "unaffected",
    "product": "Data Protection Search",
    "vendor": "Dell",
    "versions": [
      {
        "status": "affected",
        "version": "19.2.0"
      },
      {
        "status": "affected",
        "version": "19.3.0"
      },
      {
        "status": "affected",
        "version": "19.4.0"
      },
      {
        "status": "affected",
        "version": "19.5.0"
      },
      {
        "status": "affected",
        "version": "19.5.1"
      },
      {
        "status": "affected",
        "version": "19.6.0"
      },
      {
        "status": "affected",
        "version": "19.6.1"
      },
      {
        "status": "affected",
        "version": "19.6.2"
      },
      {
        "status": "affected",
        "version": "19.6.3"
      }
    ]
  }
]

Source	Link
dell	www.dell.com/support/kbdoc/en-us/000221720/dsa-2024-063-security-update-for-dell-data-protection-search-multiple-security-vulnerabilities

21 Nov 2024 08:56Current

9.4High risk

Vulners AI Score9.4

CVSS 3.18.8 - 9.8

EPSS0.00224

SSVC

CWE-538