PT-2024-27324 · Dell · Dell Data Manager Appliance
Published
2024-07-31
·
Updated
2024-11-22
·
CVE-2024-37135
CVSS v3.1
4.4
Medium
| Vector | AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Dell Data Manager Appliance Software version 5.16.0.0
Description
The issue is related to an information disclosure vulnerability. A local attacker with high privileges could potentially exploit this, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.
Recommendations
For version 5.16.0.0, patch immediately and rotate affected credentials.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Dell Data Manager Appliance