CVE-2024-29177
2.7
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
Summary
Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a disclosure of temporary sensitive information vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to the reuse of disclosed information to gain unauthorized access to the application report.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Dell | PowerProtect DD | 7.0 <= 7.13 | affected |
| Dell | PowerProtect DD | N/A < 2.7.7 | affected |
| Dell | PowerProtect DD | N/A < 5.16.0.0 | affected |
| Dell | PowerProtect DD | 7.8 <= 7.13 | affected |
Weaknesses
- CWE-532: CWE-532: Insertion of Sensitive Information into Log File
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.