MEDIUM✓ PATCH🇵🇱 Wersja polska

CVE-2024-38302

CVSS 6.8v3.1pub. 2024-07-18upd. 2025-02-04

Dell Data Lakehouse, version(s) 1.0.0.0, contain(s) a Missing Encryption of Sensitive Data vulnerability in the DDAE (Starburst). A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to Information disclosure.

CVSS Vector
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
  • Dell Data Lakehouse

    APP
    Dell
    1.0.0.0
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References

Related vulnerabilities

CVE-2025-46608CRITICAL9.1PL ✓ten sam produkt

Nieprawidłowa kontrola dostępu w Dell Data Lakehouse — Elevation of Privileges

CVE-2024-37143CRITICAL10.0PL ✓ten sam produkt

Krytyczna podatność RCE w produktach Dell PowerFlex, InsightIQ i Data Lakehouse

CVE-2024-37144HIGH8.2ten sam produkt

Dell PowerFlex appliance versions prior to IC 46.381.00 and IC 46.376.00, Dell PowerFlex rack versions prior t...

CVE-2025-21110MEDIUM6.7ten sam produkt

Dell Data Lakehouse, versions prior to 1.5.0.0, contains an Execution with Unnecessary Privileges vulnerabilit...

CVE-2024-47481MEDIUM6.5ten sam produkt

Dell Data Lakehouse, version(s) 1.0.0.0, 1.1.0., contain(s) an Improper Access Control vulnerability. An unaut...