CVE-2024-29175 Information

Description

Dell PowerProtect Data Domain versions prior to 7.13.0.0 LTS 7.7.5.40 LTS 7.10.1.30 contain an weak cryptographic algorithm vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability leading to man-in-the-middle attack that exposes sensitive session information.

Reference

https://www.dell.com/support/kbdoc/en-us/000226148/dsa-2024-219-dell-technologies-powerprotect-dd-security-update-for-multiple-security-vulnerabilities