CVE-2023-48667 (GCVE-0-2023-48667)

Vulnerability from cvelistv5 – Published: 2023-12-14 15:40 – Updated: 2024-08-02 21:37
VLAI?
Summary
Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an OS command injection vulnerability in administrator CLI. A remote high privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS to bypass security restriction. Exploitation may lead to a system take over by an attacker.
Severity ?
7.2 (High)
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CWE
  • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
Vendor Product Version
Dell PowerProtect DD Affected: Versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T21:37:54.550Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.dell.com/support/kbdoc/en-us/000220264/dsa-2023-412-dell-technologies-powerprotect-security-update-for-multiple-security-vulnerabilities"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "PowerProtect DD",
          "vendor": "Dell",
          "versions": [
            {
              "status": "affected",
              "version": "Versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110"
            }
          ]
        }
      ],
      "datePublic": "2023-12-14T06:30:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an OS command injection vulnerability in administrator CLI. A remote high privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application\u0027s underlying OS to bypass security restriction. Exploitation may lead to a system take over by an attacker. \u003c/span\u003e\n\n"
            }
          ],
          "value": "\nDell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an OS command injection vulnerability in administrator CLI. A remote high privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application\u0027s underlying OS to bypass security restriction. Exploitation may lead to a system take over by an attacker. \n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-12-14T15:40:07.760Z",
        "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "shortName": "dell"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.dell.com/support/kbdoc/en-us/000220264/dsa-2023-412-dell-technologies-powerprotect-security-update-for-multiple-security-vulnerabilities"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
    "assignerShortName": "dell",
    "cveId": "CVE-2023-48667",
    "datePublished": "2023-12-14T15:40:07.760Z",
    "dateReserved": "2023-11-17T06:14:57.042Z",
    "dateUpdated": "2024-08-02T21:37:54.550Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:dell:apex_protection_storage:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"6.2.1.110\", \"matchCriteriaId\": \"69E4E017-55A9-4E0F-A7EF-C4100B8AB1D7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:dell:apex_protection_storage:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"7.0\", \"versionEndExcluding\": \"7.10.1.15\", \"matchCriteriaId\": \"86944363-EB13-4C55-9B54-6416B7B6D8E1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:dell:powerprotect_data_domain:*:*:*:*:virtual:*:*:*\", \"versionEndExcluding\": \"6.2.1.110\", \"matchCriteriaId\": \"E55E7C34-C4A4-4E91-A1A8-CEADB6423BB1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:dell:powerprotect_data_domain:*:*:*:*:virtual:*:*:*\", \"versionStartIncluding\": \"7.0\", \"versionEndExcluding\": \"7.12.0.0\", \"matchCriteriaId\": \"F0C53AB7-8C4F-4B92-A229-363D39A6CEDC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:dell:powerprotect_data_domain_management_center:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"6.2.1.110\", \"matchCriteriaId\": \"9540FB1D-8ACB-4697-9F64-0CC6EB81706E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:dell:powerprotect_data_domain_management_center:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"7.0\", \"versionEndExcluding\": \"7.13.0.10\", \"matchCriteriaId\": \"0F4CE859-62A1-4DB5-B986-FC2943D66A5A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dell:emc_data_domain_os:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"6.2.1.110\", \"matchCriteriaId\": \"DF1B175C-0AF1-42C1-9F84-47BC260C3819\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dell:emc_data_domain_os:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"7.0\", \"versionEndExcluding\": \"7.12.0.0\", \"matchCriteriaId\": \"0BD632A5-142D-4FA3-85FE-EAC079EFA8D8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dell:emc_data_domain_os:*:*:*:*:lts2022:*:*:*\", \"versionStartIncluding\": \"7.7\", \"versionEndExcluding\": \"7.7.5.25\", \"matchCriteriaId\": \"BADA4FAB-B4E2-43D8-8BE6-960B333D8CB8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dell:emc_data_domain_os:*:*:*:*:lts2023:*:*:*\", \"versionStartIncluding\": \"7.10\", \"versionEndExcluding\": \"7.10.1.15\", \"matchCriteriaId\": \"585FCF80-A59C-4070-9D7D-8B707983A6ED\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dell:powerprotect_data_domain_management_center:*:*:*:*:lts2022:*:*:*\", \"versionStartIncluding\": \"7.7\", \"versionEndExcluding\": \"7.7.5.25\", \"matchCriteriaId\": \"9D0424A4-BA46-4CF3-8704-CC894EF2B194\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:dell:powerprotect_data_domain_management_center:*:*:*:*:lts2023:*:*:*\", \"versionStartIncluding\": \"7.10\", \"versionEndExcluding\": \"7.10.1.15\", \"matchCriteriaId\": \"EDE4E1BC-05DC-4B31-B0C1-97DBA2BE9CE9\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dell:dd3300:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AA4D9616-4482-4173-9507-6B8EC15F3521\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dell:dd6400:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4A81372F-E8DC-49AB-AC12-700F76D4C2C6\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dell:dd6900:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5525030D-2AA9-4AB6-8B15-D09214C1834E\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dell:dd9400:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4C08E46D-6795-46DB-BA6C-548D7B8EBFA5\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dell:dd9900:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"105F8F20-3EB3-49E7-82BE-3A5742EAA51E\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:dell:powerprotect_data_protection:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.7.6\", \"matchCriteriaId\": \"3ECDF606-7EAF-4846-AE1F-4DDD6E4A0F9E\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dell:dp4400:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4886295D-2A46-4AD3-8DC4-0FA212640C31\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:dell:dp5900:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C5D3E6F9-70B2-4347-A58B-0868395D6193\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"\\nDell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an OS command injection vulnerability in administrator CLI. A remote high privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application\u0027s underlying OS to bypass security restriction. Exploitation may lead to a system take over by an attacker. \\n\\n\"}, {\"lang\": \"es\", \"value\": \"Dell PowerProtect DD, versiones anteriores a 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contienen una vulnerabilidad de inyecci\\u00f3n de comandos del sistema operativo en la Interfaz de L\\u00ednea de Comandos (CLI) del administrador. Un atacante remoto con privilegios elevados podr\\u00eda explotar esta vulnerabilidad, lo que llevar\\u00eda a la ejecuci\\u00f3n de comandos arbitrarios del sistema operativo en el sistema operativo subyacente de la aplicaci\\u00f3n para eludir las restricciones de seguridad. La explotaci\\u00f3n puede llevar a que un atacante se apodere del sistema.\"}]",
      "id": "CVE-2023-48667",
      "lastModified": "2024-11-21T08:32:13.730",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"security_alert@emc.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.2, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.2, \"impactScore\": 5.9}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.2, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.2, \"impactScore\": 5.9}]}",
      "published": "2023-12-14T16:15:50.040",
      "references": "[{\"url\": \"https://www.dell.com/support/kbdoc/en-us/000220264/dsa-2023-412-dell-technologies-powerprotect-security-update-for-multiple-security-vulnerabilities\", \"source\": \"security_alert@emc.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.dell.com/support/kbdoc/en-us/000220264/dsa-2023-412-dell-technologies-powerprotect-security-update-for-multiple-security-vulnerabilities\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "security_alert@emc.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"security_alert@emc.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-78\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-78\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-48667\",\"sourceIdentifier\":\"security_alert@emc.com\",\"published\":\"2023-12-14T16:15:50.040\",\"lastModified\":\"2024-11-21T08:32:13.730\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"\\nDell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an OS command injection vulnerability in administrator CLI. A remote high privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application\u0027s underlying OS to bypass security restriction. Exploitation may lead to a system take over by an attacker. \\n\\n\"},{\"lang\":\"es\",\"value\":\"Dell PowerProtect DD, versiones anteriores a 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contienen una vulnerabilidad de inyecci\u00f3n de comandos del sistema operativo en la Interfaz de L\u00ednea de Comandos (CLI) del administrador. Un atacante remoto con privilegios elevados podr\u00eda explotar esta vulnerabilidad, lo que llevar\u00eda a la ejecuci\u00f3n de comandos arbitrarios del sistema operativo en el sistema operativo subyacente de la aplicaci\u00f3n para eludir las restricciones de seguridad. La explotaci\u00f3n puede llevar a que un atacante se apodere del sistema.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security_alert@emc.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.2,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.2,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"security_alert@emc.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-78\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-78\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:dell:apex_protection_storage:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.2.1.110\",\"matchCriteriaId\":\"69E4E017-55A9-4E0F-A7EF-C4100B8AB1D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:dell:apex_protection_storage:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.0\",\"versionEndExcluding\":\"7.10.1.15\",\"matchCriteriaId\":\"86944363-EB13-4C55-9B54-6416B7B6D8E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:dell:powerprotect_data_domain:*:*:*:*:virtual:*:*:*\",\"versionEndExcluding\":\"6.2.1.110\",\"matchCriteriaId\":\"E55E7C34-C4A4-4E91-A1A8-CEADB6423BB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:dell:powerprotect_data_domain:*:*:*:*:virtual:*:*:*\",\"versionStartIncluding\":\"7.0\",\"versionEndExcluding\":\"7.12.0.0\",\"matchCriteriaId\":\"F0C53AB7-8C4F-4B92-A229-363D39A6CEDC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:dell:powerprotect_data_domain_management_center:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.2.1.110\",\"matchCriteriaId\":\"9540FB1D-8ACB-4697-9F64-0CC6EB81706E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:dell:powerprotect_data_domain_management_center:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.0\",\"versionEndExcluding\":\"7.13.0.10\",\"matchCriteriaId\":\"0F4CE859-62A1-4DB5-B986-FC2943D66A5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dell:emc_data_domain_os:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.2.1.110\",\"matchCriteriaId\":\"DF1B175C-0AF1-42C1-9F84-47BC260C3819\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dell:emc_data_domain_os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.0\",\"versionEndExcluding\":\"7.12.0.0\",\"matchCriteriaId\":\"0BD632A5-142D-4FA3-85FE-EAC079EFA8D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dell:emc_data_domain_os:*:*:*:*:lts2022:*:*:*\",\"versionStartIncluding\":\"7.7\",\"versionEndExcluding\":\"7.7.5.25\",\"matchCriteriaId\":\"BADA4FAB-B4E2-43D8-8BE6-960B333D8CB8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dell:emc_data_domain_os:*:*:*:*:lts2023:*:*:*\",\"versionStartIncluding\":\"7.10\",\"versionEndExcluding\":\"7.10.1.15\",\"matchCriteriaId\":\"585FCF80-A59C-4070-9D7D-8B707983A6ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dell:powerprotect_data_domain_management_center:*:*:*:*:lts2022:*:*:*\",\"versionStartIncluding\":\"7.7\",\"versionEndExcluding\":\"7.7.5.25\",\"matchCriteriaId\":\"9D0424A4-BA46-4CF3-8704-CC894EF2B194\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:dell:powerprotect_data_domain_management_center:*:*:*:*:lts2023:*:*:*\",\"versionStartIncluding\":\"7.10\",\"versionEndExcluding\":\"7.10.1.15\",\"matchCriteriaId\":\"EDE4E1BC-05DC-4B31-B0C1-97DBA2BE9CE9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dell:dd3300:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA4D9616-4482-4173-9507-6B8EC15F3521\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dell:dd6400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A81372F-E8DC-49AB-AC12-700F76D4C2C6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dell:dd6900:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5525030D-2AA9-4AB6-8B15-D09214C1834E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dell:dd9400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C08E46D-6795-46DB-BA6C-548D7B8EBFA5\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dell:dd9900:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"105F8F20-3EB3-49E7-82BE-3A5742EAA51E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:dell:powerprotect_data_protection:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.7.6\",\"matchCriteriaId\":\"3ECDF606-7EAF-4846-AE1F-4DDD6E4A0F9E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dell:dp4400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4886295D-2A46-4AD3-8DC4-0FA212640C31\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:dell:dp5900:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5D3E6F9-70B2-4347-A58B-0868395D6193\"}]}]}],\"references\":[{\"url\":\"https://www.dell.com/support/kbdoc/en-us/000220264/dsa-2023-412-dell-technologies-powerprotect-security-update-for-multiple-security-vulnerabilities\",\"source\":\"security_alert@emc.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.dell.com/support/kbdoc/en-us/000220264/dsa-2023-412-dell-technologies-powerprotect-security-update-for-multiple-security-vulnerabilities\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.