Vulnerability in Dell Data_lakehouse
CVE-2024-37143
Dell PowerFlex appliance versions prior to IC 46.381.00 and IC 46.376.00, Dell PowerFlex rack versions prior to RCM 3.8.1.0 (for RCM 3.8.x train) and prior to RCM 3.7.6.0 (for RCM 3.7.x train), Dell PowerFlex custom node using PowerFlex Ma…
EPSS: 0.008 (50.9th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 10.0 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H.
Affected products
- Dell Data_lakehouse
- Dell Data Lakehouse — versions N/A
- Dell Insightiq — versions N/A
- Dell Powerflex Appliance — versions N/A
- Dell Powerflex Custom Node — versions N/A
- Dell Powerflex Rack — versions N/A
- Dell Insightiq
- Dell Powerflex_appliance_intelligent_catalog
- Dell Powerflex_manager
- Dell Powerflex_rack_release_certification_matrix
Weakness classification (CWE)
References
- security_alert@emc.com (vendor-advisory, Vendor Advisory)
Frequently asked questions
- What is CVE-2024-37143?
- CVE-2024-37143 is a critical-severity vulnerability in Dell Data_lakehouse, classified under Improper Link Resolution Before File Access. CVSS score: 10.0/10. Published 2024-12-10.
- How severe is CVE-2024-37143?
- Critical severity. CVSS v3 base score is 10.0 out of 10.