CVE-2023-44304

Summary

Dell DM5500 contains a privilege escalation vulnerability in the appliance. A remote attacker with low privileges could potentially exploit this vulnerability to escape the restricted shell and gain root access to the appliance.

Affected Software

VendorProductVersion RangeStatus
DellDell PowerProtect Data Manager DM5500 ApplianceDM5500 5.14 and belowaffected

Weaknesses

  • CWE-78: CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References