CVE-2023-44278

CVSS 3.1 Score 6.7 of 10 (medium)

Details

Published Dec 14, 2023

Updated: Dec 27, 2023

CWE ID 22

Summary

CVE-2023-44278 is a path traversal vulnerability affecting Dell PowerProtect Data Domain versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, and 6.2.1.110. This issue allows a local high privileged attacker to gain unauthorized read and write access to OS files on the server filesystem, exploiting the vulnerability with the privileges of the running application.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

APEX Protection Storage

Affected Vendors

Dell Technologies, Inc.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/s0dkyY
https://www.cve.org/CVERecord?id=CVE-2023-44278
https://nvd.nist.gov/vuln/detail/CVE-2023-44278

Back to Vulnerability Database