← voltar
CVE-2024-22445

CVE-2024-22445

CVSS 7.2 HIGHEPSS 1.4%CWE-78
Vexday Risk Score
21Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 7.2EPSS 1.4%KEV nãoPoC Nuclei Metasploit Patch referenciado
Ciclo de vida
13 fev 2024Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
Dell PowerProtect Data Manager, version 19.15 and prior versions, contain an OS command injection vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. Exploitation may lead to a system take over by an attacker.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Produtos afetados
Dell · PowerProtect Data Manager

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://www.dell.com/support/kbdoc/en-us/000222025/dsa-2024-061-dell-power-protect-data-manager-update-for-multiple-security-vulnerabilities