CVE-2024-29176

Published: Jun 26, 2024Modified: Nov 21, 2024

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

Dell PowerProtect DD, version(s) 8.0, 7.13.1.0, 7.10.1.30, 7.7.5.40, contain(s) an Out-of-bounds Write vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution.

Affected (4)

Products: Dell: Data Domain Operating System

Dell

1 product

Data Domain Operating System

Configuration A

3 vulnerable · 9 platform

Vulnerable Software	Affected Versions
Dell Data Domain Operating System	From 7.0 to 7.7.5.40
Dell Data Domain Operating System	From 7.11.0.0 to 7.13.1.0
Dell Data Domain Operating System	From 7.8.0.0 to 7.10.1.30

Running on/with	Platform Versions
Dell Apex Protection Storage	All versions
Dell Apex Protection Storage	All versions
Dell Dd3300	All versions
Dell Dd6400	All versions
Dell Dd6900	All versions
Dell Dd9400	All versions
Dell Dd9410	All versions
Dell Dd9900	All versions
Dell Dd9910	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Data Domain Operating System	Before 5.16.0.0

Running on/with	Platform Versions
Dell Dm5500	All versions

Related CWEs

CWE-787

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (2)

https://www.dell.com/support/kbdoc/en-us/000226148/dsa-2024-219-dell-technologies-powerprotect-dd-security-update-for-multiple-security-vulnerabilities

Source: security_alert@emc.com

Vendor Advisory

https://www.dell.com/support/kbdoc/en-us/000226148/dsa-2024-219-dell-technologies-powerprotect-dd-security-update-for-multiple-security-vulnerabilities

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.