CVE-2024-37143
 
Severity Score
10.0
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Attend
*SSVC
Descriptions
Dell PowerFlex appliance versions prior to IC 46.381.00 and IC 46.376.00, Dell PowerFlex rack versions prior to RCM 3.8.1.0 (for RCM 3.8.x train) and prior to RCM 3.7.6.0 (for RCM 3.7.x train), Dell PowerFlex custom node using PowerFlex Manager versions prior to 4.6.1.0, Dell InsightIQ versions prior to 5.1.1, and Dell Data Lakehouse versions prior to 1.2.0.0 contain an Improper Link Resolution Before File Access vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability to execute arbitrary code on the system.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Attend
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2024-06-03 CVE Reserved
- 2024-12-10 CVE Published
- 2024-12-10 EPSS Updated
- 2024-12-11 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-59: Improper Link Resolution Before File Access ('Link Following')
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Dell Search vendor "Dell" | Dell PowerFlex Appliance Search vendor "Dell" for product "Dell PowerFlex Appliance" | < 46.381.00 Search vendor "Dell" for product "Dell PowerFlex Appliance" and version " < 46.381.00" | en |
Affected
| ||||||
Dell Search vendor "Dell" | Dell PowerFlex Appliance Search vendor "Dell" for product "Dell PowerFlex Appliance" | < 46.376.00 Search vendor "Dell" for product "Dell PowerFlex Appliance" and version " < 46.376.00" | en |
Affected
| ||||||
Dell Search vendor "Dell" | Dell PowerFlex Rack Search vendor "Dell" for product "Dell PowerFlex Rack" | < 3.8.1.0 Search vendor "Dell" for product "Dell PowerFlex Rack" and version " < 3.8.1.0" | en |
Affected
| ||||||
Dell Search vendor "Dell" | Dell PowerFlex Rack Search vendor "Dell" for product "Dell PowerFlex Rack" | < 3.7.6.0 Search vendor "Dell" for product "Dell PowerFlex Rack" and version " < 3.7.6.0" | en |
Affected
| ||||||
Dell Search vendor "Dell" | Dell PowerFlex Custom Node Search vendor "Dell" for product "Dell PowerFlex Custom Node" | < 4.6.1.0 Search vendor "Dell" for product "Dell PowerFlex Custom Node" and version " < 4.6.1.0" | en |
Affected
| ||||||
Dell Search vendor "Dell" | Dell InsightIQ Search vendor "Dell" for product "Dell InsightIQ" | < 5.1.1 Search vendor "Dell" for product "Dell InsightIQ" and version " < 5.1.1" | en |
Affected
| ||||||
Dell Search vendor "Dell" | Dell Data Lakehouse Search vendor "Dell" for product "Dell Data Lakehouse" | < 1.2.0.0 Search vendor "Dell" for product "Dell Data Lakehouse" and version " < 1.2.0.0" | en |
Affected
|