CVE-2024-51532 HIGH

CVE-2024-51532

Vendor Dell
Product PowerStore
Weakness CWE-88
Published December 19, 2024
Last update December 24, 2024

CVSS base score

7.1/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality None
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

What the vulnerability does

01Description

Dell PowerStore contains an Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to modification of arbitrary system files.

Key dates

02Disclosure timeline

December 19, 2024 CVE published
December 24, 2024 Record updated