admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-515xx/CVE-2024-51534.json
cad-safe-bot 10a1da556a Auto-Update: 2025-02-07T21:00:23.322745+00:00
2025-02-07 21:03:50 +00:00

126 lines
4.1 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-51534",
"sourceIdentifier": "security_alert@emc.com",
"published": "2025-02-01T04:15:31.150",
"lastModified": "2025-02-07T19:58:25.567",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Dell PowerProtect DD versions prior to DDOS 8.3.0.0, 7.10.1.50, and 7.13.1.20 contain a path traversal vulnerability. A local low privileged could potentially exploit this vulnerability to gain unauthorized overwrite of OS files stored on the server filesystem. Exploitation could lead to denial of service."
},
{
"lang": "es",
"value": "Las versiones de Dell PowerProtect DD anteriores a DDOS 8.3.0.0, 7.10.1.50 y 7.13.1.20 contienen una vulnerabilidad Path Traversal. Un usuario local con pocos privilegios podr\u00eda aprovechar esta vulnerabilidad para obtener una sobrescritura no autorizada de los archivos del sistema operativo almacenados en el sistema de archivos del servidor. La explotaci\u00f3n podr\u00eda provocar una denegaci\u00f3n de servicio."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security_alert@emc.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "security_alert@emc.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-29"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.10.1.0",
"versionEndExcluding": "7.10.1.50",
"matchCriteriaId": "6D56B479-FD54-438E-BDC2-FE21FCB7F647"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.13.1.0",
"versionEndExcluding": "7.13.1.20",
"matchCriteriaId": "44959F58-CC82-4D06-9BF5-D92A566981D4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.14.0.0",
"versionEndExcluding": "8.3.0.0",
"matchCriteriaId": "B7A07BCC-040A-47FF-9727-F53C1338279B"
}
]
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000279157/dsa-2025-022-security-update-for-dell-powerprotect-dd-multiple-vulnerabilities",
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink