Lucene search

[email protected]NVD:CVE-2024-37139

HistoryJun 26, 2024 - 4:15 a.m.

CVE-2024-37139

2024-06-2604:15:13

CWE-664

[email protected]

web.nvd.nist.gov

dell powerprotect dd

denial of service

cve-2024-37139

lts 7.13.1.0

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

Percentile

14.1%

JSON

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain an Improper Control of a Resource Through its Lifetime vulnerability in an admin operation. A remote low privileged attacker could potentially exploit this vulnerability, leading to temporary resource constraint of system application. Exploitation may lead to denial of service of the application.

Affected configurations

Nvd

Node

delldata_domain_operating_systemRange<7.7.5.40

delldata_domain_operating_systemRange7.8.0.0–7.10.1.30

delldata_domain_operating_systemRange7.11.0.0–7.13.1.0

VendorProductVersionCPE
delldata_domain_operating_system*cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
dell	data_domain_operating_system	*	cpe:2.3:o:dell:data_domain_operating_system::::::::

References

www.dell.com/support/kbdoc/en-us/000226148/dsa-2024-219-dell-technologies-powerprotect-dd-security-update-for-multiple-security-vulnerabilities

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

Percentile

14.1%

JSON

Related for NVD:CVE-2024-37139

cve1 cvelist1 vulnrichment1