May 3, 2024
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Alert – Donot APT Group – Active IOCs
February 12, 2024
Rewterz Threat Alert – New Banking Trojan Coyote Malware Hunts for Credentials from 61 Banking Apps – Active IOCs
February 12, 2024
Rewterz Threat Alert – Donot APT Group – Active IOCs
February 12, 2024
Rewterz Threat Alert – New Banking Trojan Coyote Malware Hunts for Credentials from 61 Banking Apps – Active IOCs
February 12, 2024
Severity
Medium
Analysis Summary
CVE-2024-22464 CVSS:6.2
Dell EMC AppSync could allow a remote authenticated attacker to obtain sensitive information, caused by the insertion of sensitive information into the AppSync server log files. By gaining access to the log files, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVE-2024-22433 CVSS:8.8
Dell Data Protection Search could allow a remote attacker to obtain sensitive information, caused by the storage of user credentials in plain-text by the LdapSettings.get_ldap_info in DP Search functionality. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVE-2024-22449 CVSS:6.6
Dell EMC PowerScale OneFS could allow a local authenticated attacker to gain elevated privileges on the system, caused by missing authentication for critical function vulnerability. An attacker could exploit this vulnerability to gain elevated privileges on the system.
CVE-2024-22432 CVSS:7.8
Dell NetWorker Virtual Edition could allow a local authenticated attacker to gain elevated privileges on the system, caused by a Plain-text Password stored in temporary config file during backup duration in NMDA MySQL Database backups. An attacker could exploit this vulnerability to disclose configured MySQL Database user credentials and gain elevated privileges on the system.
CVE-2024-22229 CVSS:3.1
Dell Unity could allow a remote authenticated attacker to conduct spoofing attacks. By sending a specially crafted request, an attacker could exploit this vulnerability to spoof the log messages, allowing the attacker to forge log entries, create false alarms, and inject malicious content into logs that compromise logs integrity.
CVE-2023-44281 CVSS:6.6
Dell Pair Installer could allow a remote authenticated attacker to gain elevated privileges on the system. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to delete arbitrary files and cause a denial of service.
Impact
- Denial of Service
- Gain Access
- Privilege Escalation
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2024-21762
Affected Vendors
Dell
Affected Products
- Dell EMC PowerScale OneFS 9.0.0
- Dell EMC PowerScale OneFS 9.1.0
- Dell EMC PowerScale OneFS 9.2.0
- Dell EMC PowerScale OneFS 9.2.1
- Dell EMC PowerScale OneFS 9.1.1
- Dell EMC PowerScale OneFS 9.3.0
- Dell EMC PowerScale OneFS 9.6.1.0
- Dell EMC AppSync 4.2.0.0
- Dell EMC AppSync 4.6.0.1
- Dell Data Protection Search 19.2.0
- Dell NetWorker Virtual Edition 19.7
- Dell NetWorker Virtual Edition 19.7.0.5
- Dell NetWorker Virtual Edition 19.8
- Dell NetWorker Virtual Edition 19.8.0.3
- Dell NetWorker Virtual Edition 19.9
- Dell NetWorker Virtual Edition 19.9.0.2
- Dell Unity 5.3
- Dell Unity 5.2
- Dell Pair Installer 1.2.0
- Dell Pair Installer 1.1.9
Remediation
Refer to Dell Security Advisory for patch, upgrade, or suggested workaround information.