CVE-2024-47984

Description

Dell RecoverPoint for Virtual Machines 6.0.x contains Denial of Service vulnerability. A User with Remote access could potentially exploit this vulnerability, leading to the disruption of most functionalities of the RPA persistent after reboot, resulting in need of technical support intervention in getting system back to stable state.

CVSS v3.1 Score

4.4

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Weakness Type (CWE)

CWE-790 CWE-790

Affected Products

Vendor	Product	Versions
dell	recoverpoint_for_virtual_machines	All
dell	recoverpoint_for_virtual_machines	All

References

Advisories & Patches

https://www.dell.com/support/kbdoc/en-us/000259765/dsa-2024-429-security-update-for-dell-recoverpoint-for-virtual-machines-multiple-third-party-component-vulnerabilities

Frequently Asked Questions

What is CVE-2024-47984? +

Dell RecoverPoint for Virtual Machines 6.0.x contains Denial of Service vulnerability. A User with Remote access could potentially exploit this vulnerability, leading to the disruption of most functionalities of the RPA persistent after reboot, resulting in need of technical support intervention in getting system back to stable state. It has a CVSS v3.1 base score of 4.4 (MEDIUM).

How severe is CVE-2024-47984? +

CVE-2024-47984 has a CVSS v3.1 score of 4.4 out of 10, rated MEDIUM. This is a medium-severity vulnerability that should be remediated as part of regular maintenance.

What products are affected by CVE-2024-47984? +

CVE-2024-47984 affects products from dell, specifically: recoverpoint_for_virtual_machines. Check the affected products table above for specific version ranges.

How do I check if I'm vulnerable to CVE-2024-47984? +

You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.

Related Vulnerabilities

CVE-2024-31616 8.8

An issue discovered in RG-RSR10-01G-T(W)-S and RG-RSR10-01G-T(WA)-S routers with firmware version RSR10-01G-T-S_RSR_3.0(1)B9P2, Release(07150910) allows attackers to execute arbitrary code via …

CVE-2024-42416 8.8

The ctl_report_supported_opcodes function did not sufficiently validate a field provided by userspace, allowing an arbitrary write to a limited amount …

CVE-2025-0431 5.8

Enterprise Protection contains a vulnerability in URL rewriting that allows an unauthenticated remote attacker to send an email which bypasses …

CVE-2024-6540 5.7

Improper filtering of fields when using the export function in the ticket overview of the external interface in OTRS could …

CVE-2024-43442 4.9

Improper Neutralization of Input done by an attacker with admin privileges ('Cross-site Scripting') in OTRS (System Configuration modules) and ((OTRS)) …

CVE-2024-43443 4.9

Improper Neutralization of Input done by an attacker with admin privileges ('Cross-site Scripting') in Process Management modules of OTRS and …