Severity
Medium
Analysis Summary
CVE-2024-53295 CVSS:7.8
Dell PowerProtect DD versions prior to 8.3.0.0, 7.10.1.50, and 7.13.1.20 contain an improper access control vulnerability. A local malicious user with low privileges could potentially exploit this vulnerability leading to escalation of privilege.
CVE-2024-53296 CVSS:2.7
Dell PowerProtect DD versions prior to 7.10.1.50 and 7.13.1.20 contain a Stack-based Buffer Overflow vulnerability in the RestAPI. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service.
CVE-2024-51534 CVSS:7.1
Dell PowerProtect DD versions prior to DDOS 8.3.0.0, 7.10.1.50, and 7.13.1.20 contain a path traversal vulnerability. A local low privileged could potentially exploit this vulnerability to gain unauthorized overwrite of OS files stored on the server filesystem. Exploitation could lead to denial of service.
Impact
- Denial of Service
- Buffer Overflow
- Privilege Escalation
Indicators of Compromise
CVE
CVE-2024-53295
CVE-2024-53296
CVE-2024-51534
Affected Vendors
- Dell
Affected Products
- Dell PowerProtect DD 8.3.0.0
- Dell PowerProtect DD 7.10.1.50
- Dell PowerProtect DD 7.13.1.20
Remediation
Refer to Dell Security Advisory for patch, upgrade, or suggested workaround information.