Vulnerability Description
Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an SQL Injection vulnerability. A remote low privileged attacker could potentially exploit this vulnerability, leading to the execution of certain SQL commands on the application's backend database causing unauthorized read access to application data.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dell | Powerprotect Data Protection | < 2.7.6 |
| Dell | Dp4400 | - |
| Dell | Dp5900 | - |
| Dell | Apex Protection Storage | < 6.2.1.110 |
| Dell | Powerprotect Data Domain | < 6.2.1.110 |
| Dell | Powerprotect Data Domain Management Center | < 6.2.1.110 |
| Dell | Emc Data Domain Os | < 6.2.1.110 |
| Dell | Dd3300 | - |
| Dell | Dd6400 | - |
| Dell | Dd6900 | - |
| Dell | Dd9400 | - |
| Dell | Dd9900 | - |
Related Weaknesses (CWE)
References
- https://www.dell.com/support/kbdoc/en-us/000220264/dsa-2023-412-dell-technologieVendor Advisory
- https://www.dell.com/support/kbdoc/en-us/000220264/dsa-2023-412-dell-technologieVendor Advisory
FAQ
What is CVE-2023-44284?
CVE-2023-44284 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an SQL Injection vulnerability. A remote low privileged attacker could potentially exploit this vuln...
How severe is CVE-2023-44284?
CVE-2023-44284 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-44284?
Check the references section above for vendor advisories and patch information. Affected products include: Dell Powerprotect Data Protection, Dell Dp4400, Dell Dp5900, Dell Apex Protection Storage, Dell Powerprotect Data Domain.