CVE-2024-37135 LOW

CVE-2024-37135

Vendor Dell
Product Data Manager Appliance Software (DMAS)
Weakness CWE-256
Published July 31, 2024
Last update July 31, 2024

CVSS base score

3.3/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

DM5500 5.16.0.0, contains an information disclosure vulnerability. A local attacker with high privileges could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.

Key dates

02Disclosure timeline

July 31, 2024 CVE published
July 31, 2024 Record updated