CVE-2024-28980

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Dec 13, 2024
CWE ID 327

Summary

CVE-2024-28980 is a newly disclosed vulnerability affecting Dell RecoverPoint for Virtual Machines version 6.0.x. This issue involves the utilization of a weak cryptographic algorithm in the SSH component, making it susceptible to remote exploitation. An unauthenticated attacker may leverage this vulnerability to gain unauthorized access and execute malicious code on the targeted system. The consequences of an exploit could be severe, potentially resulting in data theft or system compromise. Organizations running the affected version are urged to apply the necessary patches or upgrades to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share