CVE-2024-48007
CVSS 3.1 Score 5.3 of 10 (medium)
Details
Summary
CVE-2024-48007 is a newly disclosed vulnerability affecting Dell RecoverPoint for Virtual Machines version 6.0.x. The issue involves the use of hard-coded credentials within the software, making it an attractive target for remote, unauthenticated attackers. Successful exploitation of this vulnerability could grant attackers access to the source code, enabling them to retrieve sensitive secrets and ultimately gain unauthorized access to protected data. This poses a significant risk to organizations using the affected software and emphasizes the importance of timely patches and vigilant cybersecurity practices.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Vendors
- Dell Technologies, Inc.