10 matches found
CVE-2024-29174
Dell Data Domain is affected by CVE-2024-29174 with SQL Injection in software versions prior to 7.13.0.0, and LTS releases 7.7.5.30 and 7.10.1.20. The vulnerability could allow a local, low-privilege attacker to execute SQL commands on the backend database and gain unauthorized access to applicat...
CVE-2024-29175
CVE-2024-29175 concerns Dell PowerProtect Data Domain. The affected products are Dell PowerProtect Data Domain versions prior to 7.13.0.0, LTS 7.7.5.40, and LTS 7.10.1.30, where a weak cryptographic algorithm vulnerability could enable a remote, unauthenticated attacker to perform a man-in-the-mi...
CVE-2024-37141
Dell PowerProtect DD is affected by an open redirect vulnerability affecting versions prior to 8.0 and the LTS trains 7.13.1.0, 7.10.1.30, and 7.7.5.40. A remote, low-privilege attacker could cause information disclosure. The public documents specify fixes: upgrade to 8.0 or later, and apply fixe...
CVE-2024-29176
CVE-2024-29176 affects Dell PowerProtect DD prior to a fixed release. Dell PowerProtect DD versions 8.0, 7.13.1.0, 7.10.1.30, and 7.7.5.40 are vulnerable to an Out-of-bounds Write that could enable code execution by a low-privilege, remote attacker. The issue is caused by an out-of-bounds write i...
CVE-2024-37138
CVE-2024-37138 affects Dell PowerProtect DD (DDMC) prior to version 8.0 and LTS releases 7.13.1.0, 7.10.1.30, 7.7.5.40. The flaw is a relative path traversal in the management path that could allow a remote high-privileged attacker to cause the application to send an unauthorized file to the mana...
CVE-2024-37139
CVE-2024-37139 affects Dell PowerProtect DD before 8.0 and certain LTS branches (7.13.1.0.7.10.1.30, 7.7.5.40) with an improper control of a resource through its lifetime in an admin operation. This could allow a remote, low-privilege attacker to cause temporary resource constraint in a system ap...
CVE-2024-37140
Dell PowerProtect DD is affected: OS command injection in an admin operation present in versions prior to 8.0 and in LTS 7.13.1.0, 7.10.1.30, and 7.7.5.40. The underlying issue enables a remote low-privilege attacker to run arbitrary OS commands with the vulnerable application’s privileges, poten...
CVE-2024-29177
CVE-2024-29177 affects Dell PowerProtect DD prior to 8.0 and the LTS branches 7.13.1.0, 7.10.1.30, and 7.7.5.40. The issue is described as a disclosure of temporary sensitive information that could be exploited by a remote high-privilege attacker to reuse disclosed data to gain unauthorized acces...
CVE-2024-29173
Dell PowerProtect DD (before 8.0 and the listed LTS branches: 7.13.1.0, 7.10.1.30, 7.7.5.40) contains a Server-Side Request Forgery (SSRF) vulnerability. A remote, high-privilege attacker could potentially disclose information on the application or remote client. The provided documents confirm th...
CVE-2024-28973
Technical details beyond the generic description are not provided in the supplied documents. Monitor for updates from Dell and CVE List references.