CVE-2023-48667

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Dec 14, 2023

Updated: Dec 27, 2023

CWE ID 78

Summary

CVE-2023-48667 is a high severity vulnerability affecting Dell PowerProtect DD versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, and 6.2.1.110. An OS command injection issue exists in the administrator CLI, which a remote, high privileged attacker could exploit to execute arbitrary OS commands on the underlying OS. Successful exploitation of this vulnerability could result in a system takeover by the attacker, bypassing existing security restrictions.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

APEX Protection Storage

Affected Vendors

Dell Technologies, Inc.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tci4ZB
https://www.cve.org/CVERecord?id=CVE-2023-48667
https://nvd.nist.gov/vuln/detail/CVE-2023-48667

Back to Vulnerability Database