CVE-2024-37144

CVSS 3.1 Score 8.2 of 10 (high)

Details

Published Dec 10, 2024
CWE ID 922

Summary

CVE-2024-37144 is a newly disclosed vulnerability affecting various Dell products, including PowerFlex appliances, rack versions, custom nodes, InsightIQ, and Data Lakehouse, prior to specific versions. The vulnerability involves the insecure storage of sensitive information. A local high-privileged attacker could exploit this issue, potentially leading to information disclosure. The disclosed information could be utilized by the attacker for unauthorized access to pods within the affected cluster. Upgrades to the latest versions are strongly recommended to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share