CVE-2024-51534 HIGH

CVE-2024-51534

Vendor Dell
Product PowerProtect DD
Weakness CWE-29
Published February 1, 2025
Last update February 12, 2025

CVSS base score

7.1/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality None
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

What the vulnerability does

01Description

Dell PowerProtect DD versions prior to DDOS 8.3.0.0, 7.10.1.50, and 7.13.1.20 contain a path traversal vulnerability. A local low privileged could potentially exploit this vulnerability to gain unauthorized overwrite of OS files stored on the server filesystem. Exploitation could lead to denial of service.

Key dates

02Disclosure timeline

February 1, 2025 CVE published
February 12, 2025 Record updated