CVE-2024-28977
CVE-2024-28977
Vexday Risk Score
8Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 3.3EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Lifecycle
24 Apr 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Dell Repository Manager, versions 3.4.2 through 3.4.4,contains a Path Traversal vulnerability in logger module. A local attacker with low privileges could potentially exploit this vulnerability to gain unauthorized read access to the files stored on the server filesystem with the privileges of the running web application.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Affected products
Dell · Dell Repository Manager (DRM)Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →