PT-2024-9594 · Dell · Dell Emc Recoverpoint For Vms
Published
2024-12-13
·
Updated
2024-12-14
·
CVE-2024-28980
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Dell RecoverPoint for VMs versions 6.0.x
Description
The issue is related to the use of a broken or risky cryptographic algorithm in the SSH component. An unauthenticated attacker with remote access could potentially exploit this, leading to remote execution.
Recommendations
For version 6.0.x, consider disabling the SSH functionality until a patch is available to mitigate the risk of exploitation. Restrict access to the SSH component to minimize the risk of remote execution.
Fix
Use of a Broken Cryptographic Algorithm
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Dell Emc Recoverpoint For Vms