admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-457xx/CVE-2024-45759.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

133 lines
4.6 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-45759",
"sourceIdentifier": "security_alert@emc.com",
"published": "2024-11-08T03:15:03.647",
"lastModified": "2024-11-26T02:10:03.923",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Dell PowerProtect Data Domain, versions prior to 8.1.0.0, 7.13.1.10, 7.10.1.40, and 7.7.5.50, contains an escalation of privilege vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to unauthorized execution of certain commands to overwrite system config of the application. Exploitation may lead to denial of service of system."
},
{
"lang": "es",
"value": "Dell PowerProtect Data Domain, versiones anteriores a 8.1.0.0, 7.13.1.10, 7.10.1.40 y 7.7.5.50, contiene una vulnerabilidad de escalada de privilegios. Un atacante local con pocos privilegios podr\u00eda aprovechar esta vulnerabilidad, lo que provocar\u00eda la ejecuci\u00f3n no autorizada de determinados comandos para sobrescribir la configuraci\u00f3n del sistema de la aplicaci\u00f3n. La explotaci\u00f3n puede provocar la denegaci\u00f3n de servicio del sistema."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security_alert@emc.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:H",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.5
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.5
}
]
},
"weaknesses": [
{
"source": "security_alert@emc.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-266"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.7.1.0",
"versionEndExcluding": "7.7.5.50",
"matchCriteriaId": "1E86CC1B-4C24-46D7-BC2D-F42E47A13E66"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.10.0.0",
"versionEndExcluding": "7.10.1.40",
"matchCriteriaId": "581408C7-9067-41F9-AA9C-E58ECA0EE006"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.13.0.0",
"versionEndExcluding": "7.13.1.10",
"matchCriteriaId": "D65074E3-083E-4010-8E66-2A256155311A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0.0.0",
"versionEndExcluding": "8.1.0.0",
"matchCriteriaId": "45B0DE69-722F-4180-B4A7-24D002B3035C"
}
]
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000245360/dsa-2024-424-security-update-for-dell-pdsa-2024-424-security-update-for-dell-powerprotect-dd-vulnerabilityowerprotect-dd-vulnerability",
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink