CVE-2024-37136

MEDIUM

Dell Path to PowerProtect <1.2 - Info Disclosure

Title source: llm

Description

Dell Path to PowerProtect, versions 1.1, 1.2, contains an Exposure of Private Personal Information to an Unauthorized Actor vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to information exposure.

References (1)

[Vendor Advisory] https://www.dell.com/support/kbdoc/en-us/000227430/dsa-2024-291-security-update-for-dell-path-to-powerprotect-for-security-vulnerability

Scores

CVSS v3 6.8

EPSS 0.0027

EPSS Percentile 50.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-359

Status published

Products (2)

dell/path_to_powerprotect 1.1

dell/path_to_powerprotect 1.2

Published Sep 03, 2024

Tracked Since Feb 18, 2026