Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Sign In Create an Account Dell Financial Services Premier Sign In Partner Program Sign In
Contact Us

Your Dell.com Carts

Article Number: 000130673

Dell Encryption Enterprise Information Disclosure Vulnerability

Summary: Information Disclosure Vulnerability in Dell Encryption Enterprise (formerly Dell Data Protection | Encryption).

This article may have been automatically translated. If you have any feedback regarding its quality, please let us know using the form at the bottom of this page.

Article Content

Symptoms

CVE Identifier: CVE-2018-15773

Severity: Medium

Affected Products:

  • Dell Encryption Enterprise
  • Dell Data Protection | Encryption

Affected Versions:

  • v10.0.0 and Earlier

Dell Encryption (formerly Dell Data Protection | Encryption) v10.0.0 and earlier contain an information disclosure vulnerability. A malicious user with physical access to the machine could potentially exploit this vulnerability to access the unencrypted RegBack folder that contains back-ups of sensitive computer files.

Cause

Not Applicable

Resolution

The following Dell Encryption Enterprise release contains a resolution to this vulnerability:

  • Dell Encryption v10.1.0 and later

Dell Technologies recommends all customers upgrade at the earliest opportunity.

Link to remedies:

Customers can download the latest Dell Encryption software from:

https://www.dell.com/support/home/product-support/product/dell-data-protection-encryption/drivers

Dell Endpoint Security Suite Enterprise software is made available to customers on their ddpe.credant.com account, or it can be obtained through Dell ProSupport.

Credit:

Dell would like to thank Jan van der Put and Harm Blankers of REQON Security for reporting this vulnerability.

Dell Technologies recommends that all users determine the applicability of this information to their individual situations and take appropriate action. The information provided as is without warranty of any kind. Dell disclaims all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title, and noninfringement. In no event shall Dell or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Dell or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages, so the foregoing limitation may not apply.

To contact support, reference Dell Data Security International Support Phone Numbers.
Go to TechDirect to generate a technical support request online.
For additional insights and resources, join the Dell Security Community Forum.

Article Properties

Affected Product

Dell Encryption

Last Published Date

16 Jan 2024

Version

10

Article Type

Solution

Back to Top