CVE-2024-29173

CVSS 3.1 Score 6.8 of 10 (medium)

Details

Published Jun 26, 2024

CWE ID 918

Summary

CVE-2024-29173 is a newly disclosed Server-Side Request Forgery (SSRF) vulnerability affecting Dell PowerProtect DD. Versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, and LTS 7.7.5.40 are reportedly susceptible to this issue. An attacker with remote high privileges can potentially exploit this flaw, enabling them to disclose sensitive information from the application or even gain unauthorized access to the remote client. The vulnerability poses a significant risk and requires immediate attention from Dell PowerProtect DD users to apply patches or updates to mitigate the threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Dell Technologies, Inc.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/wpgZeG
https://www.cve.org/CVERecord?id=CVE-2024-29173
https://nvd.nist.gov/vuln/detail/CVE-2024-29173

Back to Vulnerability Database

CVE-2024-29173

CVSS 3.1 Score 6.8 of 10 (medium)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations