{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-29176", "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "state": "PUBLISHED", "assignerShortName": "dell", "dateReserved": "2024-03-18T08:44:18.924Z", "datePublished": "2024-06-26T02:37:54.785Z", "dateUpdated": "2024-10-30T13:29:57.031Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "PowerProtect DD", "vendor": "Dell", "versions": [{"lessThanOrEqual": "7.13", "status": "affected", "version": "7.0", "versionType": "semver"}, {"lessThan": "2.7.7", "status": "affected", "version": "N/A", "versionType": "semver"}, {"lessThan": "5.16.0.0", "status": "affected", "version": "N/A", "versionType": "semver"}]}], "datePublic": "2024-06-24T06:30:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Dell PowerProtect DD, version(s) 8.0, 7.13.1.0, 7.10.1.30, 7.7.5.40, contain(s) an Out-of-bounds Write vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution."}], "value": "Dell PowerProtect DD, version(s) 8.0, 7.13.1.0, 7.10.1.30, 7.7.5.40, contain(s) an Out-of-bounds Write vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-787", "description": "CWE-787: Out-of-bounds Write", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "shortName": "dell", "dateUpdated": "2024-10-30T13:29:57.031Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://www.dell.com/support/kbdoc/en-us/000226148/dsa-2024-219-dell-technologies-powerprotect-dd-security-update-for-multiple-security-vulnerabilities"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"affected": [{"vendor": "dell", "product": "powerprotect_dd", "cpes": ["cpe:2.3:h:dell:powerprotect_dd:*:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "7.0", "status": "affected", "lessThanOrEqual": "7.13", "versionType": "semver"}, {"version": "0", "status": "affected", "lessThan": "2.7.7", "versionType": "semver"}, {"version": "0", "status": "affected", "lessThan": "5.16.0.0", "versionType": "semver"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-26T15:30:17.062826Z", "id": "CVE-2024-29176", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-03T13:36:36.074Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T01:10:54.073Z"}, "title": "CVE Program Container", "references": [{"tags": ["vendor-advisory", "x_transferred"], "url": "https://www.dell.com/support/kbdoc/en-us/000226148/dsa-2024-219-dell-technologies-powerprotect-dd-security-update-for-multiple-security-vulnerabilities"}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.dell.com/support/kbdoc/en-us/000226148/dsa-2024-219-dell-technologies-powerprotect-dd-security-update-for-multiple-security-vulnerabilities", "tags": ["vendor-advisory", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T01:10:54.073Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-29176", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-06-26T15:30:17.062826Z"}}}], "affected": [{"cpes": ["cpe:2.3:h:dell:powerprotect_dd:*:*:*:*:*:*:*:*"], "vendor": "dell", "product": "powerprotect_dd", "versions": [{"status": "affected", "version": "7.0", "versionType": "semver", "lessThanOrEqual": "7.13"}, {"status": "affected", "version": "0", "lessThan": "2.7.7", "versionType": "semver"}, {"status": "affected", "version": "0", "lessThan": "5.16.0.0", "versionType": "semver"}], "defaultStatus": "unaffected"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-26T15:40:58.827Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Dell", "product": "PowerProtect DD", "versions": [{"status": "affected", "version": "7.0", "versionType": "semver", "lessThanOrEqual": "7.13"}, {"status": "affected", "version": "N/A", "lessThan": "2.7.7", "versionType": "semver"}, {"status": "affected", "version": "N/A", "lessThan": "5.16.0.0", "versionType": "semver"}], "defaultStatus": "unaffected"}], "datePublic": "2024-06-24T06:30:00.000Z", "references": [{"url": "https://www.dell.com/support/kbdoc/en-us/000226148/dsa-2024-219-dell-technologies-powerprotect-dd-security-update-for-multiple-security-vulnerabilities", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Dell PowerProtect DD, version(s) 8.0, 7.13.1.0, 7.10.1.30, 7.7.5.40, contain(s) an Out-of-bounds Write vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution.", "supportingMedia": [{"type": "text/html", "value": "Dell PowerProtect DD, version(s) 8.0, 7.13.1.0, 7.10.1.30, 7.7.5.40, contain(s) an Out-of-bounds Write vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-787", "description": "CWE-787: Out-of-bounds Write"}]}], "providerMetadata": {"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "shortName": "dell", "dateUpdated": "2024-10-30T13:29:57.031Z"}}}, "cveMetadata": {"cveId": "CVE-2024-29176", "state": "PUBLISHED", "dateUpdated": "2024-10-30T13:29:57.031Z", "dateReserved": "2024-03-18T08:44:18.924Z", "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "datePublished": "2024-06-26T02:37:54.785Z", "assignerShortName": "dell"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "6BD07CAF-9671-475C-810D-1BFBFA881E09", "versionEndExcluding": "7.7.5.40", "versionStartIncluding": "7.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "28F4339F-F4B0-479A-B300-ADB987171B31", "versionEndExcluding": "7.10.1.30", "versionStartIncluding": "7.8.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "8EF3066F-F378-4AA6-B50C-B33C22C57492", "versionEndExcluding": "7.13.1.0", "versionStartIncluding": "7.11.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:dell:apex_protection_storage:-:*:*:*:in-cloud:*:*:*", "matchCriteriaId": "83DBF4F3-791C-48A2-B37E-6B3F6177B470", "vulnerable": false}, {"criteria": "cpe:2.3:a:dell:apex_protection_storage:-:*:*:*:on-premises:*:*:*", "matchCriteriaId": "D007B2BB-082B-4D33-A6A1-77714341C75C", "vulnerable": false}, {"criteria": "cpe:2.3:h:dell:dd3300:-:*:*:*:*:*:*:*", "matchCriteriaId": "AA4D9616-4482-4173-9507-6B8EC15F3521", "vulnerable": false}, {"criteria": "cpe:2.3:h:dell:dd6400:-:*:*:*:*:*:*:*", "matchCriteriaId": "4A81372F-E8DC-49AB-AC12-700F76D4C2C6", "vulnerable": false}, {"criteria": "cpe:2.3:h:dell:dd6900:-:*:*:*:*:*:*:*", "matchCriteriaId": "5525030D-2AA9-4AB6-8B15-D09214C1834E", "vulnerable": false}, {"criteria": "cpe:2.3:h:dell:dd9400:-:*:*:*:*:*:*:*", "matchCriteriaId": "4C08E46D-6795-46DB-BA6C-548D7B8EBFA5", "vulnerable": false}, {"criteria": "cpe:2.3:h:dell:dd9410:-:*:*:*:*:*:*:*", "matchCriteriaId": "F820D2BB-4773-4B2F-BC50-9474B44DB8F6", "vulnerable": false}, {"criteria": "cpe:2.3:h:dell:dd9900:-:*:*:*:*:*:*:*", "matchCriteriaId": "105F8F20-3EB3-49E7-82BE-3A5742EAA51E", "vulnerable": false}, {"criteria": "cpe:2.3:h:dell:dd9910:-:*:*:*:*:*:*:*", "matchCriteriaId": "84F58819-777E-43C1-B1EA-FFD7CDF79234", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "D655A40E-7358-4E29-BDC6-8CC2E8BA1D63", "versionEndExcluding": "5.16.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dell:dm5500:-:*:*:*:*:*:*:*", "matchCriteriaId": "5B15806F-F6F1-4B26-921C-FE7620B3539F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Dell PowerProtect DD, version(s) 8.0, 7.13.1.0, 7.10.1.30, 7.7.5.40, contain(s) an Out-of-bounds Write vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution."}, {"lang": "es", "value": "Dell PowerProtect DD, versiones anteriores a 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contienen una vulnerabilidad de desbordamiento del b\u00fafer. Un atacante remoto con pocos privilegios podr\u00eda explotar esta vulnerabilidad, lo que provocar\u00eda un bloqueo de la aplicaci\u00f3n o la ejecuci\u00f3n de c\u00f3digo arbitrario en el sistema operativo subyacente de la aplicaci\u00f3n vulnerable con los privilegios de la aplicaci\u00f3n vulnerable."}], "id": "CVE-2024-29176", "lastModified": "2024-10-30T14:15:05.240", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "security_alert@emc.com", "type": "Secondary"}]}, "published": "2024-06-26T03:15:10.533", "references": [{"source": "security_alert@emc.com", "tags": ["Vendor Advisory"], "url": "https://www.dell.com/support/kbdoc/en-us/000226148/dsa-2024-219-dell-technologies-powerprotect-dd-security-update-for-multiple-security-vulnerabilities"}], "sourceIdentifier": "security_alert@emc.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "security_alert@emc.com", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Secondary"}]}

{}