Unrated severityNVD Advisory· Published Dec 10, 2024· Updated Dec 11, 2024

CVE-2024-37143

Description

Dell PowerFlex appliance versions prior to IC 46.381.00 and IC 46.376.00, Dell PowerFlex rack versions prior to RCM 3.8.1.0 (for RCM 3.8.x train) and prior to RCM 3.7.6.0 (for RCM 3.7.x train), Dell PowerFlex custom node using PowerFlex Manager versions prior to 4.6.1.0, Dell InsightIQ versions prior to 5.1.1, and Dell Data Lakehouse versions prior to 1.2.0.0 contain an Improper Link Resolution Before File Access vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability to execute arbitrary code on the system.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Dell/PowerFlex appliancellm-create2 versions
< IC 46.381.00, < IC 46.376.00+ 1 more
- (no CPE)range: < IC 46.381.00, < IC 46.376.00
- (no CPE)range: N/A
Dell/PowerFlex rackllm-create2 versions
< RCM 3.8.1.0, < RCM 3.7.6.0+ 1 more
- (no CPE)range: < RCM 3.8.1.0, < RCM 3.7.6.0
- (no CPE)range: N/A
Dell/PowerFlex custom nodellm-create2 versions
< 4.6.1.0+ 1 more
- (no CPE)range: < 4.6.1.0
- (no CPE)range: N/A
Dell/InsightIQllm-create2 versions
< 5.1.1+ 1 more
- (no CPE)range: < 5.1.1
- (no CPE)range: N/A
Dell/Data Lakehousellm-fuzzy2 versions
< 1.2.0.0+ 1 more
- (no CPE)range: < 1.2.0.0
- (no CPE)range: N/A

Patches

Vulnerability mechanics

No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.

References

www.dell.com/support/kbdoc/en-us/000258342/dsa-2024-405-security-update-for-dell-products-for-multiple-vulnerabilitiesmitrevendor-advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000