var-202411-0631
Vulnerability from variot
Dell PowerProtect DD, versions prior to 8.1.0.0, 7.13.1.10, 7.10.1.40, and 7.7.5.50, contains an access control vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to escalation of privilege on the application. Dell's data domain operating system Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Dell PowerProtect Data Domain (Dell PowerProtect DD) is a set of hardware devices for data protection, backup, storage and deduplication from Dell (Dell)
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202411-0631", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "data domain operating system", scope: "lt", trust: 1, vendor: "dell", version: "7.7.5.50", }, { model: "data domain operating system", scope: "gte", trust: 1, vendor: "dell", version: "7.10.0.0", }, { model: "data domain operating system", scope: "gte", trust: 1, vendor: "dell", version: "7.13.0.0", }, { model: "data domain operating system", scope: "gte", trust: 1, vendor: "dell", version: "7.7.0.0", }, { model: "data domain operating system", scope: "lt", trust: 1, vendor: "dell", version: "7.10.1.40", }, { model: "data domain operating system", scope: "lt", trust: 1, vendor: "dell", version: "7.13.1.10", }, { model: "data domain operating system", scope: "lt", trust: 1, vendor: "dell", version: "8.1.0.0", }, { model: "data domain operating system", scope: "gte", trust: 1, vendor: "dell", version: "8.0.0.0", }, { model: "data domain operating system", scope: "eq", trust: 0.8, vendor: "デル", version: null, }, { model: "data domain operating system", scope: "eq", trust: 0.8, vendor: "デル", version: "7.7.0.0 that's all 7.7.5.50", }, { model: "data domain operating system", scope: "eq", trust: 0.8, vendor: "デル", version: "7.10.0.0 that's all 7.10.1.40", }, { model: "data domain operating system", scope: "eq", trust: 0.8, vendor: "デル", version: "8.0.0.0 that's all 8.1.0.0", }, { model: "data domain operating system", scope: null, trust: 0.8, vendor: "デル", version: null, }, { model: "data domain operating system", scope: "eq", trust: 0.8, vendor: "デル", version: "7.13.0.0 that's all 7.13.1.10", }, { model: "powerprotect dd", scope: "lt", trust: 0.6, vendor: "dell", version: "7.7.5.50", }, { model: "powerprotect dd", scope: "lt", trust: 0.6, vendor: "dell", version: "8.1.0.0", }, { model: "powerprotect dd", scope: "lt", trust: 0.6, vendor: "dell", version: "7.13.1.10", }, { model: "powerprotect dd", scope: "lt", trust: 0.6, vendor: "dell", version: "7.10.1.40", }, ], sources: [ { db: "CNVD", id: "CNVD-2024-44920", }, { db: "JVNDB", id: "JVNDB-2024-013532", }, { db: "NVD", id: "CVE-2024-48010", }, ], }, cve: "CVE-2024-48010", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "MULTIPLE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 7.7, confidentialityImpact: "NONE", exploitabilityScore: 6.4, id: "CNVD-2024-44920", impactScore: 9.2, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:M/C:N/I:C/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "security_alert@emc.com", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", exploitabilityScore: 1.2, id: "CVE-2024-48010", impactScore: 5.2, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2024-48010", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 7.2, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2024-48010", impactScore: null, integrityImpact: "High", privilegesRequired: "High", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "security_alert@emc.com", id: "CVE-2024-48010", trust: 1, value: "MEDIUM", }, { author: "nvd@nist.gov", id: "CVE-2024-48010", trust: 1, value: "HIGH", }, { author: "NVD", id: "CVE-2024-48010", trust: 0.8, value: "High", }, { author: "CNVD", id: "CNVD-2024-44920", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2024-44920", }, { db: "JVNDB", id: "JVNDB-2024-013532", }, { db: "NVD", id: "CVE-2024-48010", }, { db: "NVD", id: "CVE-2024-48010", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Dell PowerProtect DD, versions prior to 8.1.0.0, 7.13.1.10, 7.10.1.40, and 7.7.5.50, contains an access control vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to escalation of privilege on the application. Dell's data domain operating system Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Dell PowerProtect Data Domain (Dell PowerProtect DD) is a set of hardware devices for data protection, backup, storage and deduplication from Dell (Dell)", sources: [ { db: "NVD", id: "CVE-2024-48010", }, { db: "JVNDB", id: "JVNDB-2024-013532", }, { db: "CNVD", id: "CNVD-2024-44920", }, ], trust: 2.16, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2024-48010", trust: 3.2, }, { db: "JVNDB", id: "JVNDB-2024-013532", trust: 0.8, }, { db: "CNVD", id: "CNVD-2024-44920", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2024-44920", }, { db: "JVNDB", id: "JVNDB-2024-013532", }, { db: "NVD", id: "CVE-2024-48010", }, ], }, id: "VAR-202411-0631", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2024-44920", }, ], trust: 0.06, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "IoT", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2024-44920", }, ], }, last_update_date: "2024-11-28T22:59:28.051000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Patch for Dell PowerProtect DD Access Control Error Vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/618166", }, ], sources: [ { db: "CNVD", id: "CNVD-2024-44920", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "NVD-CWE-noinfo", trust: 1, }, { problemtype: "CWE-284", trust: 1, }, { problemtype: "Inappropriate access control (CWE-284) [ others ]", trust: 0.8, }, { problemtype: " Lack of information (CWE-noinfo) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2024-013532", }, { db: "NVD", id: "CVE-2024-48010", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://www.dell.com/support/kbdoc/en-us/000245360/dsa-2024-424-security-update-for-dell-pdsa-2024-424-security-update-for-dell-powerprotect-dd-vulnerabilityowerprotect-dd-vulnerability", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2024-48010", }, ], sources: [ { db: "CNVD", id: "CNVD-2024-44920", }, { db: "JVNDB", id: "JVNDB-2024-013532", }, { db: "NVD", id: "CVE-2024-48010", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2024-44920", }, { db: "JVNDB", id: "JVNDB-2024-013532", }, { db: "NVD", id: "CVE-2024-48010", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2024-11-14T00:00:00", db: "CNVD", id: "CNVD-2024-44920", }, { date: "2024-11-27T00:00:00", db: "JVNDB", id: "JVNDB-2024-013532", }, { date: "2024-11-08T03:15:03.933000", db: "NVD", id: "CVE-2024-48010", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2024-11-14T00:00:00", db: "CNVD", id: "CNVD-2024-44920", }, { date: "2024-11-27T01:30:00", db: "JVNDB", id: "JVNDB-2024-013532", }, { date: "2024-11-26T19:26:13.733000", db: "NVD", id: "CVE-2024-48010", }, ], }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Dell's data domain operating system Vulnerability in", sources: [ { db: "JVNDB", id: "JVNDB-2024-013532", }, ], trust: 0.8, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.