Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain an OS command injection vulnerability in an admin operation. A remote low privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the system application's underlying OS with the privileges of the vulnerable application. Exploitation may lead to a system take over by an attacker.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: dell
Published: 2024-06-26T03:54:38.461Z
Updated: 2024-06-26T14:49:39.900Z
Reserved: 2024-06-03T12:10:32.206Z
Link: CVE-2024-37140
JSON object: View
NVD Information
Status : Awaiting Analysis
Published: 2024-06-26T04:15:13.667
Modified: 2024-06-26T12:44:29.693
Link: CVE-2024-37140
JSON object: View
Redhat Information
No data.
CWE