Dell RecoverPoint for Virtual Machines 6.0.x contains a vulnerability. An improper Restriction of Excessive Authentication vulnerability where a Network attacker could potentially exploit this vulnerability, leading to a brute force attack or a dictionary attack against the RecoverPoint login form and a complete system compromise.
This allows attackers to brute-force the password of valid users in an automated manner.

Related CVEs

CVE-2024-38488

Key Information

GHSA ID

GHSA-4g8h-jqj8-hf34

Published

December 13, 2024 3:30 PM

Last Modified

December 13, 2024 3:30 PM

CVSS Score

5.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: September 11, 2025 6:35 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.