CVE-2024-48007 | THREATINT

Description

Dell RecoverPoint for Virtual Machines 6.0.x contains use of hard-coded credentials vulnerability. A Remote unauthenticated attacker could potentially exploit this vulnerability by gaining access to the source code, easily retrieving these secrets and reusing them to access the system leading to gaining access to unauthorized data.

PUBLISHED Reserved 2024-10-08 | Published 2024-12-13 | Updated 2025-03-13 | Assigner dell

MEDIUM: 5.3CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Problem types

A07:2021 - Identification and Authentication Failures

Product status

Default status

unaffected

6.0 SP1

affected

6.0 SP1 P1

affected

References

www.dell.com/...ltiple-third-party-component-vulnerabilities vendor-advisory

cve.org (CVE-2024-48007)

nvd.nist.gov (CVE-2024-48007)

Download JSON