MEDIUM✓ PATCH🇵🇱 Wersja polska

CVE-2024-48008

CVSS 5.3v3.1pub. 2024-12-13upd. 2025-02-04

Dell RecoverPoint for Virtual Machines 6.0.x contains a OS Command Injection vulnerability. An Low privileged remote attacker could potentially exploit this vulnerability leading to information disclosure ,allowing of unintended actions like reading files that may contain sensitive information

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  • Dell Recoverpoint For Virtual Machines

    APP
    Dell
    6.0
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
Command Injection
CWE
References

Related vulnerabilities

CVE-2026-22769CRITICAL10.0⚠ KEVPL ✓ten sam produkt

Dell RecoverPoint for VMs — zahardkodowane dane uwierzytelniające (RCE, root)

CVE-2024-22461HIGH8.8ten sam produkt

Dell RecoverPoint for Virtual Machines 6.0.x contains an OS Command injection vulnerability. A low privileged ...

CVE-2024-22426HIGH7.2ten sam produkt

Dell RecoverPoint for Virtual Machines 5.3.x, 6.0.SP1 contains an OS Command injection vulnerability. An unaut...

CVE-2025-21105MEDIUM6.6ten sam produkt

Dell RecoverPoint for Virtual Machines 6.0.X contains a command execution vulnerability. A Low privileged mali...

CVE-2025-21106MEDIUM5.5ten sam produkt

Dell Recover Point for Virtual Machines 6.0.X contains a Weak file system permission vulnerability. A low priv...