CVE-2024-24902

Summary

Dell RecoverPoint for Virtual Machines 6.0.x contains an Improper access control vulnerability. A low privileged local attacker could potentially exploit this vulnerability leading to gaining access to unauthorized data for a limited time.

Affected Software

VendorProductVersion RangeStatus
DellRecoverPoint for Virtual Machines6.0 SP1affected
DellRecoverPoint for Virtual Machines6.0 SP1 P1affected

Weaknesses

  • CWE-284: CWE-284: Improper Access Control

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References