admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-01 03:01:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-371xx/CVE-2024-37139.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

132 lines
4.5 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-37139",
"sourceIdentifier": "security_alert@emc.com",
"published": "2024-06-26T04:15:13.350",
"lastModified": "2024-11-21T09:23:17.037",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain an Improper Control of a Resource Through its Lifetime vulnerability in an admin operation. A remote low privileged attacker could potentially exploit this vulnerability, leading to temporary resource constraint of system application. Exploitation may lead to denial of service of the application."
},
{
"lang": "es",
"value": "Dell PowerProtect DD, versiones anteriores a 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contienen una vulnerabilidad de control inadecuado de un recurso durante su vida \u00fatil en una operaci\u00f3n de administraci\u00f3n. Un atacante remoto con pocos privilegios podr\u00eda explotar esta vulnerabilidad, lo que provocar\u00eda una limitaci\u00f3n temporal de recursos de la aplicaci\u00f3n del sistema. La explotaci\u00f3n puede dar lugar a la denegaci\u00f3n del servicio de la aplicaci\u00f3n."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security_alert@emc.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security_alert@emc.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-664"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.7.5.40",
"matchCriteriaId": "C6A0B6C8-491A-46F2-A330-15000DE501BA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.8.0.0",
"versionEndExcluding": "7.10.1.30",
"matchCriteriaId": "28F4339F-F4B0-479A-B300-ADB987171B31"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.11.0.0",
"versionEndExcluding": "7.13.1.0",
"matchCriteriaId": "8EF3066F-F378-4AA6-B50C-B33C22C57492"
}
]
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000226148/dsa-2024-219-dell-technologies-powerprotect-dd-security-update-for-multiple-security-vulnerabilities",
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.dell.com/support/kbdoc/en-us/000226148/dsa-2024-219-dell-technologies-powerprotect-dd-security-update-for-multiple-security-vulnerabilities",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink