CVE-2024-29173

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a Server-Side Request Forgery (SSRF) vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to disclosure of information on the application or remote client.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*
OR cpe:2.3:a:dell:apex_protection_storage:-:*:*:*:in-cloud:*:*:*
cpe:2.3:a:dell:apex_protection_storage:-:*:*:*:on-premises:*:*:*
cpe:2.3:h:dell:dd3300:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dd6400:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dd6900:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dd9400:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dd9410:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dd9900:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dd9910:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:dm5500:-:*:*:*:*:*:*:*

History

03 Feb 2025, 15:08

Type Values Removed Values Added
References () https://www.dell.com/support/kbdoc/en-us/000226148/dsa-2024-219-dell-technologies-powerprotect-dd-security-update-for-multiple-security-vulnerabilities - () https://www.dell.com/support/kbdoc/en-us/000226148/dsa-2024-219-dell-technologies-powerprotect-dd-security-update-for-multiple-security-vulnerabilities - Vendor Advisory
CPE cpe:2.3:h:dell:dd9900:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dd9400:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dd3300:-:*:*:*:*:*:*:*
cpe:2.3:a:dell:apex_protection_storage:-:*:*:*:in-cloud:*:*:*
cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:dd6400:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dm5500:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dd9410:-:*:*:*:*:*:*:*
cpe:2.3:a:dell:apex_protection_storage:-:*:*:*:on-premises:*:*:*
cpe:2.3:h:dell:dd6900:-:*:*:*:*:*:*:*
cpe:2.3:h:dell:dd9910:-:*:*:*:*:*:*:*
First Time Dell dd9400
Dell dd9410
Dell apex Protection Storage
Dell
Dell dd3300
Dell dd6400
Dell dd9900
Dell dd9910
Dell dd6900
Dell data Domain Operating System
Dell dm5500

21 Nov 2024, 09:07

Type Values Removed Values Added
References () https://www.dell.com/support/kbdoc/en-us/000226148/dsa-2024-219-dell-technologies-powerprotect-dd-security-update-for-multiple-security-vulnerabilities - () https://www.dell.com/support/kbdoc/en-us/000226148/dsa-2024-219-dell-technologies-powerprotect-dd-security-update-for-multiple-security-vulnerabilities -
Summary
  • (es) Dell PowerProtect DD, versiones anteriores a 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contienen una vulnerabilidad de Server Side Request Forgery (SSRF). Un atacante remoto con altos privilegios podría explotar esta vulnerabilidad, lo que llevaría a la divulgación de información sobre la aplicación o el cliente remoto.

26 Jun 2024, 03:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-06-26 03:15

Updated : 2025-02-03 15:08


NVD link : CVE-2024-29173

Mitre link : CVE-2024-29173

CVE.ORG link : CVE-2024-29173


JSON object : View

Products Affected

dell

  • dd3300
  • dd9910
  • dd9400
  • dd6400
  • data_domain_operating_system
  • dd9410
  • dd6900
  • dm5500
  • apex_protection_storage
  • dd9900
CWE
CWE-918

Server-Side Request Forgery (SSRF)