CVE-2024-48008
5.3
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Summary
Dell RecoverPoint for Virtual Machines 6.0.x contains a OS Command Injection vulnerability. An Low privileged remote attacker could potentially exploit this vulnerability leading to information disclosure ,allowing of unintended actions like reading files that may contain sensitive information
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Dell | RecoverPoint for Virtual Machines | 6.0 SP1 | affected |
| Dell | RecoverPoint for Virtual Machines | 6.0 SP1 P1 | affected |
Weaknesses
- CWE-11: CWE-11: ASP.NET Misconfiguration: Creating Debug Binary
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.