Vulnerability Description
Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain a path traversal vulnerability. A local high privileged attacker could potentially exploit this vulnerability, to gain unauthorized read and write access to the OS files stored on the server filesystem, with the privileges of the running application.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dell | Powerprotect Data Protection | < 2.7.6 |
| Dell | Dp4400 | - |
| Dell | Dp5900 | - |
| Dell | Apex Protection Storage | < 6.2.1.110 |
| Dell | Powerprotect Data Domain | < 6.2.1.110 |
| Dell | Powerprotect Data Domain Management Center | < 6.2.1.110 |
| Dell | Emc Data Domain Os | < 6.2.1.110 |
| Dell | Dd3300 | - |
| Dell | Dd6400 | - |
| Dell | Dd6900 | - |
| Dell | Dd9400 | - |
| Dell | Dd9900 | - |
Related Weaknesses (CWE)
References
- https://www.dell.com/support/kbdoc/en-us/000220264/dsa-2023-412-dell-technologieVendor Advisory
- https://www.dell.com/support/kbdoc/en-us/000220264/dsa-2023-412-dell-technologieVendor Advisory
FAQ
What is CVE-2023-44278?
CVE-2023-44278 is a vulnerability with a CVSS score of 6.7 (MEDIUM). Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain a path traversal vulnerability. A local high privileged attacker could potentially exploit this vul...
How severe is CVE-2023-44278?
CVE-2023-44278 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-44278?
Check the references section above for vendor advisories and patch information. Affected products include: Dell Powerprotect Data Protection, Dell Dp4400, Dell Dp5900, Dell Apex Protection Storage, Dell Powerprotect Data Domain.