CVE-2024-39581

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-39581
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a File or Directories Accessible to External Parties vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability to read, modify, and delete arbitrary files.

9.8 /10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://www.dell.com/support/kbdoc/en-us/000228412/dsa-2024-360-security-update-for-dell-powerscale-insightiq-for-multiple-security-vulnerabilities Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:dell:insightiq:*:*:*:*:*:*:*:*
History

16 Sep 2024, 15:50

Type Values Removed Values Added
First Time Dell insightiq
Dell
CPE cpe:2.3:a:dell:insightiq:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : 7.3 		v2 : unknown
v3 : 9.8
References () https://www.dell.com/support/kbdoc/en-us/000228412/dsa-2024-360-security-update-for-dell-powerscale-insightiq-for-multiple-security-vulnerabilities - () https://www.dell.com/support/kbdoc/en-us/000228412/dsa-2024-360-security-update-for-dell-powerscale-insightiq-for-multiple-security-vulnerabilities - Vendor Advisory

10 Sep 2024, 12:09

Type Values Removed Values Added
Summary
  • (es) Dell PowerScale InsightIQ, versiones 5.0 a 5.1, contiene una vulnerabilidad de acceso a archivos o directorios por parte de terceros. Un atacante no autenticado con acceso remoto podría aprovechar esta vulnerabilidad para leer, modificar y eliminar archivos arbitrarios.

10 Sep 2024, 09:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-09-10 09:15

Updated : 2024-09-16 15:50

NVD link : CVE-2024-39581

Mitre link : CVE-2024-39581

CVE.ORG link : CVE-2024-39581

JSON object : View

Products Affected

dell

  • insightiq
CWE
CWE-552

Files or Directories Accessible to External Parties