CVE-2024-28977
CVSS V2 None
CVSS V3 None
Description
Dell Repository Manager, versions 3.4.2 through 3.4.4,contains a Path Traversal vulnerability in logger module. A local attacker with low privileges could potentially exploit this vulnerability to gain unauthorized read access to the files stored on the server filesystem with the privileges of the running web application.
Overview
- CVE ID
- CVE-2024-28977
- Assigner
- dell
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-04-24T08:08:35.366Z
- Last Modified Date
- 2024-06-04T18:03:39.381Z
Weakness Enumerations
References
Reference URL | Reference Tags |
---|---|
https://www.dell.com/support/kbdoc/en-us/000224414/dsa-2024-190-security-update-for-dell-repository-manager-vulnerability | vendor-advisory |
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-28977 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-28977 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2024-06-26 08:04:33 | Added to TrackCVE |