Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain a path traversal vulnerability. A local high privileged attacker could potentially exploit this vulnerability, to gain unauthorized read and write access to the OS files stored on the server filesystem, with the privileges of the running application.
References
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
History
27 Dec 2023, 19:32
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:dell:apex_protection_storage:*:*:*:*:*:*:*:* cpe:2.3:o:dell:emc_data_domain_os:*:*:*:*:*:*:*:* cpe:2.3:o:dell:emc_data_domain_os:*:*:*:*:lts2023:*:*:* cpe:2.3:h:dell:dp4400:-:*:*:*:*:*:*:* cpe:2.3:h:dell:dp5900:-:*:*:*:*:*:*:* cpe:2.3:o:dell:emc_data_domain_os:*:*:*:*:lts2022:*:*:* cpe:2.3:a:dell:powerprotect_data_domain_management_center:*:*:*:*:*:*:*:* cpe:2.3:h:dell:dd6900:-:*:*:*:*:*:*:* cpe:2.3:h:dell:dd9400:-:*:*:*:*:*:*:* cpe:2.3:a:dell:powerprotect_data_domain:*:*:*:*:virtual:*:*:* cpe:2.3:h:dell:dd9900:-:*:*:*:*:*:*:* cpe:2.3:a:dell:powerprotect_data_protection:*:*:*:*:*:*:*:* cpe:2.3:o:dell:powerprotect_data_domain_management_center:*:*:*:*:lts2023:*:*:* cpe:2.3:h:dell:dd6400:-:*:*:*:*:*:*:* cpe:2.3:o:dell:powerprotect_data_domain_management_center:*:*:*:*:lts2022:*:*:* cpe:2.3:h:dell:dd3300:-:*:*:*:*:*:*:* |
|
First Time |
Dell dd9900
Dell dp5900 Dell dd3300 Dell powerprotect Data Domain Management Center Dell apex Protection Storage Dell dd6900 Dell dd6400 Dell powerprotect Data Domain Dell emc Data Domain Os Dell dp4400 Dell dd9400 Dell powerprotect Data Protection Dell |
|
References | () https://www.dell.com/support/kbdoc/en-us/000220264/dsa-2023-412-dell-technologies-powerprotect-security-update-for-multiple-security-vulnerabilities - Vendor Advisory | |
Summary |
|
14 Dec 2023, 16:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-12-14 16:15
Updated : 2023-12-27 19:32
NVD link : CVE-2023-44278
Mitre link : CVE-2023-44278
CVE.ORG link : CVE-2023-44278
JSON object : View
Products Affected
dell
- dp5900
- powerprotect_data_domain
- dd6400
- dd6900
- apex_protection_storage
- dp4400
- dd9900
- emc_data_domain_os
- dd9400
- powerprotect_data_domain_management_center
- dd3300
- powerprotect_data_protection
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')