Vulnerabilities > CVE-2024-29173 - Unspecified vulnerability in Dell Data Domain Operating System

CVSS 4.9 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

dell

NVD

Published: 2024-06-26

Updated: 2025-02-03

Summary

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a Server-Side Request Forgery (SSRF) vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to disclosure of information on the application or remote client.

Vulnerable Configurations

Part	Description	Count
OS	Dell Dell Data Domain Operating System 7.0 Dell Data Domain Operating System 7.7.1.0 Dell Data Domain Operating System 7.7.5.40 Dell Data Domain Operating System 7.7.5.50 Dell Data Domain Operating System 7.8.0.0 Dell Data Domain Operating System 7.10.1.30 Dell Data Domain Operating System 7.10.1.40 Dell Data Domain Operating System 7.11.0.0 Dell Data Domain Operating System -	9
Application	Dell Dell Apex Protection Storage -	2
Hardware	Dell Dell Dd3300 - Dell Dd6400 - Dell Dd6900 - Dell Dd9400 - Dell Dd9410 - Dell Dd9900 - Dell Dd9910 - Dell Dm5500 -	8

Summary

Vulnerable Configurations

References