CVE-2024-24902

CVSS 3.1 Score 6.6 of 10 (medium)

Details

Published Dec 13, 2024
CWE ID 284

Summary

CVE-2024-24902 is a newly disclosed vulnerability affecting Dell RecoverPoint for Virtual Machines version 6.0. An improper access control issue has been identified in this software, allowing a low privileged local attacker to potentially gain unauthorized access to sensitive data for a brief period. This vulnerability could enable data theft or other malicious activities if successfully exploited. It is recommended that users of Dell RecoverPoint for Virtual Machines 6.0 upgrade to the latest version or apply the appropriate patches as soon as possible to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share