CVE-2023-28062

Summary

Dell PPDM versions 19.12, 19.11 and 19.10, contain an improper access control vulnerability. A remote authenticated malicious user with low privileges could potentially exploit this vulnerability to bypass intended access restrictions and perform unauthorized actions.

Affected Software

VendorProductVersion RangeStatus
DellPPDM Reporting (PowerProtect Data Manager)19.10, 19.11 and 19.12affected

Weaknesses

  • CWE-648: CWE-648: Incorrect Use of Privileged APIs

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References