CVE-2024-51534

Summary

Dell PowerProtect DD versions prior to DDOS 8.3.0.0, 7.10.1.50, and 7.13.1.20 contain a path traversal vulnerability. A local low privileged could potentially exploit this vulnerability to gain unauthorized overwrite of OS files stored on the server filesystem. Exploitation could lead to denial of service.

Affected Software

VendorProductVersion RangeStatus
DellPowerProtect DD7.7.1.0 <= 8.1.0.10affected
DellPowerProtect DD7.7.1.0 <= 7.13.1.10affected
DellPowerProtect DD7.7.1.0 <= 7.10.1.40affected

Weaknesses

  • CWE-29: CWE-29: Path Traversal: '..\filename'

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References