CVE-2024-38482

CloudLink, versions 7.1.x and 8.x, contain an Improper check or handling of Exceptional Conditions Vulnerability in Cluster Component. A highly privileged malicious user with remote access could potentially exploit this vulnerability, leading to execute unauthorized actions and retrieve sensitive information from the database.
Configurations

Configuration 1 (hide)

cpe:2.3:a:dell:cloudlink:*:*:*:*:*:*:*:*

History

05 Sep 2024, 16:04

Type Values Removed Values Added
CWE NVD-CWE-Other
CVSS v2 : unknown
v3 : 6.6
v2 : unknown
v3 : 7.2
CPE cpe:2.3:a:dell:cloudlink:*:*:*:*:*:*:*:*
References () https://www.dell.com/support/kbdoc/en-us/000227493/dsa-2024-343-security-update-for-dell-cloudlink-vulnerability - () https://www.dell.com/support/kbdoc/en-us/000227493/dsa-2024-343-security-update-for-dell-cloudlink-vulnerability - Vendor Advisory
First Time Dell cloudlink
Dell

02 Aug 2024, 12:59

Type Values Removed Values Added
Summary
  • (es) CloudLink, versiones 7.1.x y 8.x, contienen una vulnerabilidad de verificación o manejo incorrecto de las condiciones excepcionales en el componente del clúster. Un usuario malintencionado con privilegios elevados y acceso remoto podría explotar esta vulnerabilidad, lo que llevaría a ejecutar acciones no autorizadas y recuperar información confidencial de la base de datos.

02 Aug 2024, 04:17

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-02 04:17

Updated : 2024-09-05 16:04


NVD link : CVE-2024-38482

Mitre link : CVE-2024-38482

CVE.ORG link : CVE-2024-38482


JSON object : View

Products Affected

dell

  • cloudlink
CWE
NVD-CWE-Other CWE-703

Improper Check or Handling of Exceptional Conditions