CVE-2024-37139

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain an Improper Control of a Resource Through its Lifetime vulnerability in an admin operation. A remote low privileged attacker could potentially exploit this vulnerability, leading to temporary resource constraint of system application. Exploitation may lead to denial of service of the application.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*
cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*

History

23 Sep 2024, 21:02

Type Values Removed Values Added
First Time Dell
Dell data Domain Operating System
References () https://www.dell.com/support/kbdoc/en-us/000226148/dsa-2024-219-dell-technologies-powerprotect-dd-security-update-for-multiple-security-vulnerabilities - () https://www.dell.com/support/kbdoc/en-us/000226148/dsa-2024-219-dell-technologies-powerprotect-dd-security-update-for-multiple-security-vulnerabilities - Vendor Advisory
CPE cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*
Summary
  • (es) Dell PowerProtect DD, versiones anteriores a 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contienen una vulnerabilidad de control inadecuado de un recurso durante su vida útil en una operación de administración. Un atacante remoto con pocos privilegios podría explotar esta vulnerabilidad, lo que provocaría una limitación temporal de recursos de la aplicación del sistema. La explotación puede dar lugar a la denegación del servicio de la aplicación.
CWE NVD-CWE-noinfo

26 Jun 2024, 04:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-06-26 04:15

Updated : 2024-09-23 21:02


NVD link : CVE-2024-37139

Mitre link : CVE-2024-37139

CVE.ORG link : CVE-2024-37139


JSON object : View

Products Affected

dell

  • data_domain_operating_system
CWE
NVD-CWE-noinfo CWE-664

Improper Control of a Resource Through its Lifetime