CVE-2024-48010

Summary

Dell PowerProtect DD, versions prior to 8.1.0.0, 7.13.1.10, 7.10.1.40, and 7.7.5.50, contains an access control vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to escalation of privilege on the application.

Affected Software

VendorProductVersion RangeStatus
DellPowerProtect DD7.7.1 <= 8.0.0.0affected
DellPowerProtect DDN/A < 7.13.1.10affected
DellPowerProtect DDN/A < 7.10.1.40affected
DellPowerProtect DDN/A < 7.7.5.50affected

Weaknesses

  • CWE-284: CWE-284: Improper Access Control

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References