CVE-2024-29176

{"id": "CVE-2024-29176", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "security_alert@emc.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2024-06-26T03:15:10.533", "references": [{"url": "https://www.dell.com/support/kbdoc/en-us/000226148/dsa-2024-219-dell-technologies-powerprotect-dd-security-update-for-multiple-security-vulnerabilities", "tags": ["Vendor Advisory"], "source": "security_alert@emc.com"}], "vulnStatus": "Undergoing Analysis", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}, {"type": "Secondary", "source": "security_alert@emc.com", "description": [{"lang": "en", "value": "CWE-788"}]}], "descriptions": [{"lang": "en", "value": "Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a buffer overflow vulnerability. A remote low privileged attacker could potentially exploit this vulnerability, leading to an application crash or execution of arbitrary code on the vulnerable application's underlying operating system with privileges of the vulnerable application."}, {"lang": "es", "value": "Dell PowerProtect DD, versiones anteriores a 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contienen una vulnerabilidad de desbordamiento del b\u00fafer. Un atacante remoto con pocos privilegios podr\u00eda explotar esta vulnerabilidad, lo que provocar\u00eda un bloqueo de la aplicaci\u00f3n o la ejecuci\u00f3n de c\u00f3digo arbitrario en el sistema operativo subyacente de la aplicaci\u00f3n vulnerable con los privilegios de la aplicaci\u00f3n vulnerable."}], "lastModified": "2024-09-23T21:11:39.197", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C6A0B6C8-491A-46F2-A330-15000DE501BA", "versionEndExcluding": "7.7.5.40"}, {"criteria": "cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "28F4339F-F4B0-479A-B300-ADB987171B31", "versionEndExcluding": "7.10.1.30", "versionStartIncluding": "7.8.0.0"}, {"criteria": "cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8EF3066F-F378-4AA6-B50C-B33C22C57492", "versionEndExcluding": "7.13.1.0", "versionStartIncluding": "7.11.0.0"}], "operator": "OR"}]}], "sourceIdentifier": "security_alert@emc.com"}