CVE-2024-47483 LOW

CVE-2024-47483

Vendor Dell
Product Data Lakehouse
Weakness CWE-89 · SQLi
Published October 25, 2024
Last update October 25, 2024

CVSS base score

2.9/10
Attack vector Local
Attack complexity High
Privileges required None
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

Dell Data Lakehouse, version(s) 1.0.0.0 and 1.1.0.0, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.

Key dates

02Disclosure timeline

October 25, 2024 CVE published
October 25, 2024 Record updated