CVE-2024-29174 Information

Description

Dell Data Domain versions prior to 7.13.0.0 LTS 7.7.5.30 LTS 7.10.1.20 contain an SQL Injection vulnerability. A local low privileged attacker could potentially exploit this vulnerability leading to the execution of certain SQL commands on the application’s backend database causing unauthorized access to application data.

Reference

https://www.dell.com/support/kbdoc/en-us/000226148/dsa-2024-219-dell-technologies-powerprotect-dd-security-update-for-multiple-security-vulnerabilities