PT-2024-22779 · Dell · Dell Powerprotect Dd
Published
2024-06-26
·
Updated
2024-06-26
·
CVE-2024-29173
CVSS v3.1
6.8
Medium
| Vector | AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Dell PowerProtect DD versions prior to 8.0
Dell PowerProtect DD LTS 7.13.1.0
Dell PowerProtect DD LTS 7.10.1.30
Dell PowerProtect DD LTS 7.7.5.40
Description
A Server-Side Request Forgery (SSRF) issue exists, allowing a remote high privileged attacker to potentially exploit it and lead to disclosure of information on the application or remote client.
Recommendations
For Dell PowerProtect DD versions prior to 8.0, update to version 8.0 or later.
For Dell PowerProtect DD LTS 7.13.1.0, update to a version that includes the fix for this issue.
For Dell PowerProtect DD LTS 7.10.1.30, update to a version that includes the fix for this issue.
For Dell PowerProtect DD LTS 7.7.5.40, update to a version that includes the fix for this issue.
Fix
SSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Dell Powerprotect Dd