CVE-2023-44284

Published Dec 14, 2023

Last updated a year ago

CVSS medium 4.3

Overview

Description: Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an SQL Injection vulnerability. A remote low privileged attacker could potentially exploit this vulnerability, leading to the execution of certain SQL commands on the application's backend database causing unauthorized read access to application data.
Source: security_alert@emc.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 4.3
Impact score: 1.4
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Severity: MEDIUM

Weaknesses

nvd@nist.gov: CWE-89
security_alert@emc.com: CWE-89

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:dell:powerprotect_data_protection:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3ECDF606-7EAF-4846-AE1F-4DDD6E4A0F9E",
            "versionEndExcluding": "2.7.6"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:dell:dp4400:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4886295D-2A46-4AD3-8DC4-0FA212640C31"
          },
          {
            "criteria": "cpe:2.3:h:dell:dp5900:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C5D3E6F9-70B2-4347-A58B-0868395D6193"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:dell:apex_protection_storage:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "69E4E017-55A9-4E0F-A7EF-C4100B8AB1D7",
            "versionEndExcluding": "6.2.1.110"
          },
          {
            "criteria": "cpe:2.3:a:dell:apex_protection_storage:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "86944363-EB13-4C55-9B54-6416B7B6D8E1",
            "versionEndExcluding": "7.10.1.15",
            "versionStartIncluding": "7.0"
          },
          {
            "criteria": "cpe:2.3:a:dell:powerprotect_data_domain:*:*:*:*:virtual:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E55E7C34-C4A4-4E91-A1A8-CEADB6423BB1",
            "versionEndExcluding": "6.2.1.110"
          },
          {
            "criteria": "cpe:2.3:a:dell:powerprotect_data_domain:*:*:*:*:virtual:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F0C53AB7-8C4F-4B92-A229-363D39A6CEDC",
            "versionEndExcluding": "7.12.0.0",
            "versionStartIncluding": "7.0"
          },
          {
            "criteria": "cpe:2.3:a:dell:powerprotect_data_domain_management_center:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9540FB1D-8ACB-4697-9F64-0CC6EB81706E",
            "versionEndExcluding": "6.2.1.110"
          },
          {
            "criteria": "cpe:2.3:a:dell:powerprotect_data_domain_management_center:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0F4CE859-62A1-4DB5-B986-FC2943D66A5A",
            "versionEndExcluding": "7.13.0.10",
            "versionStartIncluding": "7.0"
          },
          {
            "criteria": "cpe:2.3:o:dell:emc_data_domain_os:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DF1B175C-0AF1-42C1-9F84-47BC260C3819",
            "versionEndExcluding": "6.2.1.110"
          },
          {
            "criteria": "cpe:2.3:o:dell:emc_data_domain_os:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0BD632A5-142D-4FA3-85FE-EAC079EFA8D8",
            "versionEndExcluding": "7.12.0.0",
            "versionStartIncluding": "7.0"
          },
          {
            "criteria": "cpe:2.3:o:dell:emc_data_domain_os:*:*:*:*:lts2022:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BADA4FAB-B4E2-43D8-8BE6-960B333D8CB8",
            "versionEndExcluding": "7.7.5.25",
            "versionStartIncluding": "7.7"
          },
          {
            "criteria": "cpe:2.3:o:dell:emc_data_domain_os:*:*:*:*:lts2023:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "585FCF80-A59C-4070-9D7D-8B707983A6ED",
            "versionEndExcluding": "7.10.1.15",
            "versionStartIncluding": "7.10"
          },
          {
            "criteria": "cpe:2.3:o:dell:powerprotect_data_domain_management_center:*:*:*:*:lts2022:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9D0424A4-BA46-4CF3-8704-CC894EF2B194",
            "versionEndExcluding": "7.7.5.25",
            "versionStartIncluding": "7.7"
          },
          {
            "criteria": "cpe:2.3:o:dell:powerprotect_data_domain_management_center:*:*:*:*:lts2023:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EDE4E1BC-05DC-4B31-B0C1-97DBA2BE9CE9",
            "versionEndExcluding": "7.10.1.15",
            "versionStartIncluding": "7.10"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:dell:dd3300:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "AA4D9616-4482-4173-9507-6B8EC15F3521"
          },
          {
            "criteria": "cpe:2.3:h:dell:dd6400:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4A81372F-E8DC-49AB-AC12-700F76D4C2C6"
          },
          {
            "criteria": "cpe:2.3:h:dell:dd6900:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5525030D-2AA9-4AB6-8B15-D09214C1834E"
          },
          {
            "criteria": "cpe:2.3:h:dell:dd9400:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4C08E46D-6795-46DB-BA6C-548D7B8EBFA5"
          },
          {
            "criteria": "cpe:2.3:h:dell:dd9900:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "105F8F20-3EB3-49E7-82BE-3A5742EAA51E"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References