{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-24T12:47:41.119","vulnerabilities":[{"cve":{"id":"CVE-2023-48668","sourceIdentifier":"security_alert@emc.com","published":"2023-12-14T16:15:50.257","lastModified":"2024-11-21T08:32:13.863","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"\nDell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 on DDMC contain an OS command injection vulnerability in an admin operation. A local high privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the managed system application's underlying OS with the privileges of the vulnerable application. Exploitation may lead to a system take over by an attacker on a managed system of DDMC. \n\n"},{"lang":"es","value":"Dell PowerProtect DD, versiones anteriores a 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 en DDMC contienen una vulnerabilidad de inyección de comandos del sistema operativo en una operación de administración. Un atacante local con privilegios elevados podría explotar esta vulnerabilidad, lo que llevaría a la ejecución de comandos arbitrarios del sistema operativo en el sistema operativo subyacente de la aplicación del sistema administrado con los privilegios de la aplicación vulnerable. La explotación puede llevar a que un atacante se apodere del sistema en un sistema administrado de DDMC."}],"metrics":{"cvssMetricV31":[{"source":"security_alert@emc.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.5,"impactScore":6.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":6.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.8,"impactScore":5.9}]},"weaknesses":[{"source":"security_alert@emc.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:dell:powerprotect_data_domain_management_center:*:*:*:*:*:*:*:*","versionEndExcluding":"6.2.1.110","matchCriteriaId":"9540FB1D-8ACB-4697-9F64-0CC6EB81706E"},{"vulnerable":true,"criteria":"cpe:2.3:a:dell:powerprotect_data_domain_management_center:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0","versionEndExcluding":"7.13.0.10","matchCriteriaId":"0F4CE859-62A1-4DB5-B986-FC2943D66A5A"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:powerprotect_data_domain_management_center:*:*:*:*:lts2022:*:*:*","versionStartIncluding":"7.7","versionEndExcluding":"7.7.5.25","matchCriteriaId":"9D0424A4-BA46-4CF3-8704-CC894EF2B194"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:powerprotect_data_domain_management_center:*:*:*:*:lts2023:*:*:*","versionStartIncluding":"7.10","versionEndExcluding":"7.10.1.15","matchCriteriaId":"EDE4E1BC-05DC-4B31-B0C1-97DBA2BE9CE9"}]}]}],"references":[{"url":"https://www.dell.com/support/kbdoc/en-us/000220264/dsa-2023-412-dell-technologies-powerprotect-security-update-for-multiple-security-vulnerabilities","source":"security_alert@emc.com","tags":["Vendor Advisory"]},{"url":"https://www.dell.com/support/kbdoc/en-us/000220264/dsa-2023-412-dell-technologies-powerprotect-security-update-for-multiple-security-vulnerabilities","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}