CVE-2024-29175

Dell PowerProtect Data Domain, versions prior to 7.13.0.0, LTS 7.7.5.40, LTS 7.10.1.30 contain an weak cryptographic algorithm vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to man-in-the-middle attack that exposes sensitive session information.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*

History

23 Sep 2024, 21:13

Type Values Removed Values Added
First Time Dell
Dell data Domain Operating System
References () https://www.dell.com/support/kbdoc/en-us/000226148/dsa-2024-219-dell-technologies-powerprotect-dd-security-update-for-multiple-security-vulnerabilities - () https://www.dell.com/support/kbdoc/en-us/000226148/dsa-2024-219-dell-technologies-powerprotect-dd-security-update-for-multiple-security-vulnerabilities - Vendor Advisory
CPE cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*
Summary
  • (es) Dell PowerProtect Data Domain, versiones anteriores a 7.13.0.0, LTS 7.7.5.40, LTS 7.10.1.30 contienen una vulnerabilidad de algoritmo criptográfico débil. Un atacante remoto no autenticado podría explotar esta vulnerabilidad, lo que provocaría un ataque de intermediario que exponga información confidencial de la sesión.

26 Jun 2024, 03:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-06-26 03:15

Updated : 2024-09-23 21:13


NVD link : CVE-2024-29175

Mitre link : CVE-2024-29175

CVE.ORG link : CVE-2024-29175


JSON object : View

Products Affected

dell

  • data_domain_operating_system
CWE
CWE-327

Use of a Broken or Risky Cryptographic Algorithm