Vulnerability Details CVE-2024-25971
Dell PowerProtect Data Manager, version 19.15, contains an XML External Entity Injection vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to information disclosure, denial-of-service.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 12.2%
CVSS Severity
CVSS v3 Score 5.5
References
Products affected by CVE-2024-25971
-
cpe:2.3:a:dell:powerprotect_data_manager:-
-
cpe:2.3:a:dell:powerprotect_data_manager:1.0
-
cpe:2.3:a:dell:powerprotect_data_manager:1.1
-
cpe:2.3:a:dell:powerprotect_data_manager:19.1
-
cpe:2.3:a:dell:powerprotect_data_manager:19.10
-
cpe:2.3:a:dell:powerprotect_data_manager:19.11
-
cpe:2.3:a:dell:powerprotect_data_manager:19.12
-
cpe:2.3:a:dell:powerprotect_data_manager:19.13
-
cpe:2.3:a:dell:powerprotect_data_manager:19.14
-
cpe:2.3:a:dell:powerprotect_data_manager:19.15
-
cpe:2.3:a:dell:powerprotect_data_manager:19.2
-
cpe:2.3:a:dell:powerprotect_data_manager:19.3
-
cpe:2.3:a:dell:powerprotect_data_manager:19.4
-
cpe:2.3:a:dell:powerprotect_data_manager:19.5
-
cpe:2.3:a:dell:powerprotect_data_manager:19.6
-
cpe:2.3:a:dell:powerprotect_data_manager:19.7
-
cpe:2.3:a:dell:powerprotect_data_manager:19.8
-
cpe:2.3:a:dell:powerprotect_data_manager:19.9
-
cpe:2.3:a:dell:powerprotect_data_manager:2.0
-
cpe:2.3:a:dell:powerprotect_data_manager:2.1