PT-2024-22780 · Dell · Dell Data Domain

Published: 2024-06-26 · Updated: 2024-09-23 · CVE-2024-29174

CVSS v3.1: 4.4 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

Dell Data Domain versions prior to 7.13.0.0
Dell Data Domain LTS 7.7.5.30
Dell Data Domain LTS 7.10.1.20

Description

The issue allows a local low-privileged attacker to potentially exploit an SQL injection vulnerability, leading to the execution of certain SQL commands on the application's backend database and causing unauthorized access to application data.

Recommendations

For versions prior to 7.13.0.0, update to version 7.13.0.0 or later.
For LTS 7.7.5.30, update to a version later than 7.7.5.30.
For LTS 7.10.1.20, update to a version later than 7.10.1.20.

As a temporary workaround, consider restricting access to the backend database to minimize the risk of exploitation.

Fix

SQL injection

Weakness Enumeration

Related Identifiers

CVE-2024-29174

Affected Products

Dell Data Domain