CVE-2024-29173 MEDIUM

CVE-2024-29173

Vendor Dell
Product PowerProtect DD
Weakness CWE-918 · SSRF
Published June 26, 2024
Last update August 2, 2024
View on NVD All CVEs

CVSS base score

6.8/10
Attack vector Network
Attack complexity Low
Privileges required High
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

What the vulnerability does

01Description

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a Server-Side Request Forgery (SSRF) vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to disclosure of information on the application or remote client.

Key dates

02Disclosure timeline

June 26, 2024 CVE published
August 2, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2026-22772 Fulcio vulnerable to Server-Side Request Forgery (SSRF) via MetaIssuer Regex Bypass CVE-2025-11467 RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator <= 5.1.1 - Unauthenticated Blind Server-Side Request Forgery CVE-2023-48711 Server-Side Request Forgery (SSRF) Vulnerability in google-translate-api-browser CVE-2024-54000 Mobile Security Framework (MobSF) bypass of SSRF fix CVE-2022-44729 Apache XML Graphics Batik: Information disclosure vulnerability