CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-28977

Dell Repository Manager, versions 3.4.2 through 3.4.4,contains a Path Traversal vulnerability in logger module. A local attacker with low privileges could potentially exploit this vulnerability to gain unauthorized read access to the files stored on the server filesystem with the privileges of the running web application.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 17.6%

CVSS Severity

CVSS v3 Score 3.3

References

https://www.dell.com/support/kbdoc/en-us/000224414/dsa-2024-190-security-update-for-dell-repository-manager-vulnerability
https://www.dell.com/support/kbdoc/en-us/000224414/dsa-2024-190-security-update-for-dell-repository-manager-vulnerability

Products affected by CVE-2024-28977

Dell » Repository Manager » Version: 3.4.2

cpe:2.3:a:dell:repository_manager:3.4.2
Dell » Repository Manager » Version: 3.4.3

cpe:2.3:a:dell:repository_manager:3.4.3
Dell » Repository Manager » Version: 3.4.4

cpe:2.3:a:dell:repository_manager:3.4.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-28977

Products

Pricing

Contact Us