Critical
Third-party Component |
CVEs |
More Information |
Elasticsearch |
CVE-2024-23450 |
|
org.apache.hadoop_hadoop-hdfs |
CVE-2021-33036, CVE-2021-25642 |
See NVD link below for individual scores for each CVE. |
libyaml |
CVE-2024-35328, CVE-2024-35325, CVE-2024-35326 |
See NVD link below for individual scores for each CVE. |
com.amazon.redshift_redshift-jdbc42 |
CVE-2024-32888 |
|
curl |
CVE-2024-2004, CVE-2024-2398 |
See NVD link below for individual scores for each CVE. |
Proprietary Code CVEs |
Description |
CVSS Base Score |
CVSS Vector String |
CVE-2024-47483 |
Dell Data Lakehouse, version(s) 1.0.0.0 and 1.1.0.0, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Information disclosure. |
2.9 |
|
CVE-2024-47481 |
Dell Data Lakehouse, version(s) 1.0.0.0, 1.1.0., contain(s) an Improper Access Control vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Denial of service. |
6.5 |
Proprietary Code CVEs |
Description |
CVSS Base Score |
CVSS Vector String |
CVE-2024-47483 |
Dell Data Lakehouse, version(s) 1.0.0.0 and 1.1.0.0, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Information disclosure. |
2.9 |
|
CVE-2024-47481 |
Dell Data Lakehouse, version(s) 1.0.0.0, 1.1.0., contain(s) an Improper Access Control vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Denial of service. |
6.5 |
Product |
Affected Versions |
Remediated Versions |
Link |
DELL Data Lakehouse System Software |
Versions 1.0.0.0 and 1.1.0.0 |
Version 1.2.0.0 or later |
Product |
Affected Versions |
Remediated Versions |
Link |
DELL Data Lakehouse System Software |
Versions 1.0.0.0 and 1.1.0.0 |
Version 1.2.0.0 or later |
Revision |
Date |
Description |
1.0 |
2024-10-25 |
Initial Release |