CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-47977

Dell Avamar, version(s) 19.x, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 19.5%

CVSS Severity

CVSS v3 Score 7.1

References

https://www.dell.com/support/kbdoc/en-us/000258636/dsa-2024-489-security-update-for-dell-avamar-and-dell-avamar-virtual-edition-security-update-for-multiple-vulnerabilities

Products affected by CVE-2024-47977

Dell » Avamar Server » Version: 19.10

cpe:2.3:a:dell:avamar_server:19.10
Dell » Avamar Server » Version: 19.4

cpe:2.3:a:dell:avamar_server:19.4
Dell » Avamar Server » Version: 19.7

cpe:2.3:a:dell:avamar_server:19.7
Dell » Avamar Server » Version: 19.8

cpe:2.3:a:dell:avamar_server:19.8
Dell » Avamar Server » Version: 19.9

cpe:2.3:a:dell:avamar_server:19.9
Dell » Avamar Data Store » Version: gen4t

cpe:2.3:h:dell:avamar_data_store:gen4t
Dell » Avamar Data Store » Version: gen5a

cpe:2.3:h:dell:avamar_data_store:gen5a

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-47977

Products

Pricing

Contact Us