admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 01:31:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-291xx/CVE-2024-29173.json
cad-safe-bot 66943053a4 Auto-Update: 2025-02-03T17:00:33.409736+00:00
2025-02-03 17:04:00 +00:00

189 lines
6.2 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-29173",
"sourceIdentifier": "security_alert@emc.com",
"published": "2024-06-26T03:15:09.877",
"lastModified": "2025-02-03T15:08:59.513",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a Server-Side Request Forgery (SSRF) vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to disclosure of information on the application or remote client."
},
{
"lang": "es",
"value": "Dell PowerProtect DD, versiones anteriores a 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contienen una vulnerabilidad de Server Side Request Forgery (SSRF). Un atacante remoto con altos privilegios podr\u00eda explotar esta vulnerabilidad, lo que llevar\u00eda a la divulgaci\u00f3n de informaci\u00f3n sobre la aplicaci\u00f3n o el cliente remoto."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security_alert@emc.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 4.0
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security_alert@emc.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0",
"versionEndIncluding": "7.13",
"matchCriteriaId": "51B3D8A3-950B-4D4E-9E4D-7D1ADE791C93"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:a:dell:apex_protection_storage:-:*:*:*:in-cloud:*:*:*",
"matchCriteriaId": "83DBF4F3-791C-48A2-B37E-6B3F6177B470"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:a:dell:apex_protection_storage:-:*:*:*:on-premises:*:*:*",
"matchCriteriaId": "D007B2BB-082B-4D33-A6A1-77714341C75C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:dd3300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA4D9616-4482-4173-9507-6B8EC15F3521"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:dd6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4A81372F-E8DC-49AB-AC12-700F76D4C2C6"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:dd6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5525030D-2AA9-4AB6-8B15-D09214C1834E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:dd9400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C08E46D-6795-46DB-BA6C-548D7B8EBFA5"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:dd9410:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F820D2BB-4773-4B2F-BC50-9474B44DB8F6"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:dd9900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "105F8F20-3EB3-49E7-82BE-3A5742EAA51E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:dd9910:-:*:*:*:*:*:*:*",
"matchCriteriaId": "84F58819-777E-43C1-B1EA-FFD7CDF79234"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.16.0.0",
"matchCriteriaId": "D655A40E-7358-4E29-BDC6-8CC2E8BA1D63"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:dm5500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B15806F-F6F1-4B26-921C-FE7620B3539F"
}
]
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000226148/dsa-2024-219-dell-technologies-powerprotect-dd-security-update-for-multiple-security-vulnerabilities",
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.dell.com/support/kbdoc/en-us/000226148/dsa-2024-219-dell-technologies-powerprotect-dd-security-update-for-multiple-security-vulnerabilities",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink