Multiple Dell Data Lakehouse Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2024-47483 CVSS:2.9

Dell Data Lakehouse is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to view, add, modify or delete information in the back-end database.

CVE-2024-47481 CVSS:6.5

Dell Data Lakehouse is vulnerable to a denial of service, caused by an improper access control vulnerability. By sending specially request, a remote attacker could exploit this vulnerability to cause the application to crash.

Impact

Data Manipulation
Denial of Service

Indicators of Compromise

CVE

CVE-2024-47483
CVE-2024-47481

Affected Vendors

Dell

Affected Products

Dell Data Lakehouse 1.0.0.0
Dell Data Lakehouse 1.1.0.0

Remediation

Refer to Dell Security Advisory for patch, upgrade or suggested workaround information.

Dell Security Advisory

Several U.S. Telecom Providers Compromised by Chinese Threat Actors

Webflow Abused by Cybercriminals to Trick Users into Divulging Login Credentials – Active IOCs

Multiple Dell Data Lakehouse Vulnerabilities

Severity

Medium

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan