PT-2024-1684 · Dell · Dell Data Protection Search

Published 2024-02-01 · Updated 2024-02-13 · CVE-2024-22433

CVSS v2.0

10 Critical

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Dell Data Protection Search versions 19.2.0 and above

Description

The issue is in the LdapSettings.get ldap info component of the Dell Data Protection Search system and is associated with a data leak from different sources. Exploitation of this issue may allow a remote attacker to impact the confidentiality, integrity, and availability of protected information. A remote, unauthorized, unauthenticated attacker could potentially exploit this vulnerability, leading to a loss of confidentiality, integrity, and protection, as well as remote takeover of the system.

Recommendations

For Dell Data Protection Search versions 19.2.0 and above, to prevent potential exploitation, consider disabling the use of LdapSettings.get ldap info until a patch is available. Restrict access to the DP Search system to minimize the risk of remote takeover. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Related Identifiers

BDU:2024-01372
CVE-2024-22433

Affected Products

Dell Data Protection Search