CVE-2024-22460

EUVD-2024-20004
Dell PowerProtect DM5500 version 5.15.0.0 and prior contains an insecure deserialization Vulnerability. A remote attacker with high privileges could potentially exploit this vulnerability, leading to arbitrary code execution on the vulnerable application.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
2.2 LOW
NETWORK
HIGH
HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 78%
Affected Products (NVD)
VendorProductVersion
delldm5500_firmware
𝑥
< 5.16.0.0
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
dellpowerprotect_data_manager_dm5500_firmware
𝑥
≤ 5.15
ADP
Common Weakness Enumeration
References
https://www.dell.com/support/kbdoc/en-us/000224843/dsa-2024-083-security-update-for-dell-powerprotect-data-manager-appliance-for-multiple-vulnerabilities
https://www.dell.com/support/kbdoc/en-us/000224843/dsa-2024-083-security-update-for-dell-powerprotect-data-manager-appliance-for-multiple-vulnerabilities