CVE Vulnerabilities

CVE-2024-48008

ASP.NET Misconfiguration: Creating Debug Binary

Published: Dec 13, 2024 | Modified: Feb 04, 2025
CVSS 3.x
6.5
MEDIUM
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

Dell RecoverPoint for Virtual Machines 6.0.x contains a OS Command Injection vulnerability. An Low privileged remote attacker could potentially exploit this vulnerability leading to information disclosure ,allowing of unintended actions like reading files that may contain sensitive information

Weakness

Debugging messages help attackers learn about the system and plan a form of attack.

Affected Software

Name Vendor Start Version End Version
Recoverpoint_for_virtual_machines Dell 6.0-sp1 (including) 6.0-sp1 (including)
Recoverpoint_for_virtual_machines Dell 6.0-sp1_p1 (including) 6.0-sp1_p1 (including)

Potential Mitigations

References