Multiple Flaws in Dell PowerProtect Products Execute Commands

Multiple vulnerabilities have been discovered in Dell's PowerProtect, which were associated with SQL injection, cross-site scripting, privilege escalation, command injection, and path tracing.
The severity for these vulnerabilities ranges between 4.3 and 8.8.
Relevant CVEs have been assigned to all these vulnerabilities, with CVE-2023-44286 associated with Cross-Site Scripting having the highest severity and CVE-2023-44284 with the lowest severity among the discovered vulnerabilities in Dell PowerProtect.
Nearly 8 vulnerabilities have been disclosed, including 4 OS command injections, 1 Path Traversal, 1 SQL injection, 1 Cross-site scripting, and 1 Privilege Escalation.
CVE-2023-48668, CVE-2023-44277, CVE-2023-48667, and CVE-2023-44279 were related to OS command injection vulnerability which can be exploited by a threat actor to potentially execute arbitrary OS commands or bypass security restrictions.
A threat actor could also potentially exploit some of these vulnerabilities and perform various activities such as taking over the system, executing OS commands with vulnerable application privileges, and many others.
CVE-2023-44278 is related to the Path Traversal vulnerability, which threat actors can exploit to gain unauthorized read and write access to the OS files stored on the server filesystem.
The severity for this vulnerability is given as 6.7.
CVE-2023-44284 is related to SQL injection vulnerability, which a threat actor could exploit to execute SQL commands on the application's backend database, resulting in unauthorized read access to the application data.
The severity for this vulnerability has been given as 4.3.
CVE-2023-44286 is related to cross-site scripting vulnerability, which the threat actor can potentially exploit to execute Javascript code in a victim user's DOM environment of the browser.
Successful exploitation could lead to information disclosure, session theft, or client-side request forgery.
The severity of this vulnerability has been given as 8.8.
CVE-2023-44285 is linked with a Privilege Escalation vulnerability, which a threat actor can exploit with low privilege to escalate their privilege due to improper access control.
The severity for this vulnerability has been given as 7.8.
10.1.15 and above to stay on LTS2023 7.10or7.
7.5.25 and above to stay on LTS2022 7.7 6.2.1.100 and below 6.2.1.110 and above CVE-2023-44286, CVE-2023-48668, CVE-2023-44285, CVE-2023-44277, CVE-2023-48667, CVE-2023-44279, CVE-2023-44278 Dell PowerProtect DD management Center 7.0 to 7.12.0.0 7.13.0.10 and aboveor7.
7.5.25 and above to stay on LTS2022 7.7 6.2.1.100 and below 6.2.1.110 and above.
The security advisory published by Dell provides detailed information about these vulnerabilities, their CVSS vector and other information.

This Cyber News was published on cybersecuritynews.com. Publication date: Fri, 15 Dec 2023 11:45:04 +0000

Cyber News related to Multiple Flaws in Dell PowerProtect Products Execute Commands

Dell Urges Customers to Patch Vulnerabilities in PowerProtect Products - Dell is urging customers of its PowerProtect products to review a newly released security advisory and patch a series of potentially serious vulnerabilities. The vulnerabilities impact PowerProtect Data Domain series appliances, which are designed to ...
1 year ago Packetstormsecurity.com CVE-2023-44286

Multiple Flaws in Dell PowerProtect Products Execute Commands - Multiple vulnerabilities have been discovered in Dell's PowerProtect, which were associated with SQL injection, cross-site scripting, privilege escalation, command injection, and path tracing. The severity for these vulnerabilities ranges between 4.3 ...
1 year ago Cybersecuritynews.com CVE-2023-44286 CVE-2023-44284 CVE-2023-48668 CVE-2023-44277 CVE-2023-48667 CVE-2023-44279 CVE-2023-44278 CVE-2023-44285

CVE-2018-1183 - In Dell EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.8, Dell EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.8, Dell EMC VASA Provider Virtual Appliance versions prior to 8.4.0.512, Dell EMC SMIS versions prior to ...
6 years ago

Dell PowerProtect Systems Vulnerability Let Remote Attackers to Execute Arbitrary Commands - The vulnerability allows for “execution of arbitrary commands with root privileges,” essentially giving attackers complete control over affected systems. According to the security advisory, this vulnerability affects multiple versions of ...
1 month ago Cybersecuritynews.com CVE-2023-44277

Discovering SSRF Flaws in Microsoft Azure Services - Microsoft Azure is an incredibly popular cloud computing platform and its services are used around the world. Recently, security researchers uncovered several Server-Side Request Forgery (SSRF) flaws in many of Microsoft Azure’s services. This type ...
2 years ago Securityaffairs.com

Over 1,450 pfSense servers exposed to RCE attacks via bug chain - Roughly 1,450 pfSense instances exposed online are vulnerable to command injection and cross-site scripting flaws that, if chained, could enable attackers to perform remote code execution on the appliance. PfSense is a popular open-source firewall ...
1 year ago Bleepingcomputer.com CVE-2023-42325 CVE-2023-42327 CVE-2023-42326

Dell says names, addresses leaked after hacker claims access to 49M records - Dell is warning customers that their names, physical addresses and some order information may have been accessed in a recent cybersecurity incident. A threat actor known as Menelik made a post on the cybercrime site BreachForums on April 28 claiming ...
1 year ago Packetstormsecurity.com

CVE-2020-5356 - Dell PowerProtect Data Manager (PPDM) versions prior to 19.4 and Dell PowerProtect X400 versions prior to 3.2 contain an improper authorization vulnerability. A remote authenticated malicious user may download any file from the affected PowerProtect ...
4 years ago

Dell Data Breach Exposes Personal Information Of 49 Million - Personal details such as names and residential addresses were compromised in the breach, while sensitive financial information remained secure. Dell, the renowned computer manufacturer, has issued a cautionary notice to its customers regarding a ...
1 year ago Cysecurity.news

Google Chrome Six Flaws: Should You be Worried? - Google Chrome is one of the most widely used web browsers around the world, and while it is generally more secure than its predecessors, multiple security flaws have been recently revealed that users should be aware of. Recently, the Google Chrome ...
2 years ago Securityaffairs.com

CISA adds Check Point Quantum Security Gateways and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog - CISA adds Apache Flink flaw to its Known Exploited Vulnerabilities catalog. CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog. CISA adds Google Chrome zero-days to its Known Exploited Vulnerabilities catalog. CISA adds ...
1 year ago Securityaffairs.com

CVE-2018-1216 - A hard-coded password vulnerability was discovered in vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, and Dell EMC VMAX Embedded Management (eManagement): Dell EMC Unisphere ...
7 years ago

CVE-2018-1215 - An arbitrary file upload vulnerability was discovered in vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, and Dell EMC VMAX Embedded Management (eManagement): Dell EMC ...
7 years ago

178K+ SonicWall Firewalls Vulnerable to DoS, RCE Attacks - Two unauthenticated denial-of-service vulnerabilities are threatening the security of SonicWall next-generation firewall devices, exposing more than 178,000 of them to both DoS as well as remote code execution attacks. SonicWall products affected are ...
1 year ago Darkreading.com CVE-2022-22274 CVE-2023-0656

Microsoft March 2024 Patch Tuesday fixes 60 flaws, 18 RCE bugs - Today is Microsoft's March 2024 Patch Tuesday, and security updates have been released for 60 vulnerabilities, including eighteen remote code execution flaws. This Patch Tuesday fixes only two critical vulnerabilities: Hyper-V remote code execution ...
1 year ago Bleepingcomputer.com

Microsoft: Multiple Perforce Server Flaws Allow for Network Takeover - Microsoft has identified four vulnerabilities in the Perforce source-code management platform, the most critical of which gives attackers access to a highly privileged Windows OS account to potentially take over the system via remote code execution ...
1 year ago Darkreading.com CVE-2023-45849 CVE-2023-35767 CVE-2023-45319 CVE-2023-5759

Samsung Galaxy Store Flaws Put Millions of Devices Vulnerable - Researchers have discovered severe security flaws in the Samsung Galaxy Store application. These vulnerabilities put millions of users, including those who use Samsung phones, tablets, smart TVs, and wearables, at risk of cyberattacks. The security ...
2 years ago Securityaffairs.com

Nissan NA breach, VMware Pwn2Own fix, GE Ultrasound flaws - The car manufacturer has disclosed that a breach discovered last November has exposed personal data of more than 53,000 current and former employees of the company. This breach occurred during a hit on its external VPN by a threat actor who then ...
1 year ago Cisoseries.com

Threat Groups Rush to Exploit JetBrains' TeamCity CI/CD Security Flaws - The cyberthreats to users of JetBrains' TeamCity CI/CD platform continue to mount a week after the company issued two fixes to security vulnerabilities, with one cybersecurity vendor noting a ransomware attack that included exploiting the flaws for ...
1 year ago Securityboulevard.com CVE-2024-27198 CVE-2024-27199 BianLian

Privilege elevation exploits used in over 50% of insider attacks - Elevation of privilege flaws are the most common vulnerability leveraged by corporate insiders when conducting unauthorized activities on networks, whether for malicious purposes or by downloading risky tools in a dangerous manner. A report by ...
1 year ago Bleepingcomputer.com CVE-2017-0213

New ATM Malware family emerged in the threat landscape - Threat actors may have exploited a zero-day in older iPhones, Apple warns. Microsoft fixed two zero-day bugs exploited in malware attacks. Threat actors actively exploit JetBrains TeamCity flaws to deliver malware. Raspberry Robin spotted using two ...
1 year ago Securityaffairs.com CVE-2023-49103 CVE-2023-46747 CVE-2023-46748 CVE-2023-4966

Sav-Rx data breach impacted over 2.8 million individuals - Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days. Nation-state actors exploited two zero-days in ASA and FTD firewalls to breach government networks. Microsoft fixed two zero-day bugs exploited in malware ...
1 year ago Securityaffairs.com CVE-2020-3259 CVE-2023-22515 APT29 BianLian

Exploits released for critical Jenkins RCE flaw, patch now - Multiple proof-of-concept exploits for a critical Jenkins vulnerability allowing unauthenticated attackers to read arbitrary files have been made publicly available, with some researchers reporting attackers actively exploiting the flaws in attacks. ...
1 year ago Bleepingcomputer.com CVE-2024-23897 CVE-2024-23898

Multiple Dell Unity Vulnerabilities Let Attackers Compromise Affected System - Dell Technologies has released a critical security update addressing multiple severe vulnerabilities in its Unity enterprise storage systems that could allow attackers to execute arbitrary commands as root, delete critical system files, and perform ...
2 months ago Cybersecuritynews.com CVE-2024-49563

MOVEit Transfer Flaws Push Security Defense Into a Race With Attackers - Attackers appear to be pounding away at a couple of critical bugs that Progress Software disclosed this week in its MOVEit file transfer application, with nearly the same ferocity as they did the zero-day flaw the company disclosed almost exactly a ...
11 months ago Darkreading.com CVE-2024-5806 CVE-2024-5805 CVE-2023-34362