Headline
CVE-2023-44306: DSA-2023-425: Security Update for Dell PowerProtect Data Manager DM5500 Appliance for Multiple Vulnerabilities
Dell DM5500 contains a path traversal vulnerability in PPOE Component. A remote attacker with high privileges could potentially exploit this vulnerability to overwrite the files stored on the server filesystem.
Impact
Critical
Details
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.
Affected Products and Remediation
Product
Affected Versions
Updated Version
Link
Dell PowerProtect Data Manager DM5500 Appliance
DM5500 5.14 and below
DM5500 5.15
https://dl.dell.com/downloads/HY8KV_PowerProtect-Data-Manager-DM5500-Appliance-5.15.0.0-Upgrade-file.pkg
Product
Affected Versions
Updated Version
Link
Dell PowerProtect Data Manager DM5500 Appliance
DM5500 5.14 and below
DM5500 5.15
https://dl.dell.com/downloads/HY8KV_PowerProtect-Data-Manager-DM5500-Appliance-5.15.0.0-Upgrade-file.pkg
Revision History
Revision
Date
Description
1.0
2023-12-04
Initial Release
Related Information
Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide