Article Number: 000217572
Medium
Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
---|---|---|---|
CVE-2023-39246 | Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server version prior to 11.8.1 contain an Insecure Operation on Windows Junction Vulnerability during installation. A local malicious user could potentially exploit this vulnerability to create an arbitrary folder inside a restricted directory, leading to Privilege Escalation | 4.6 | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:L |
Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
---|---|---|---|
CVE-2023-39246 | Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server version prior to 11.8.1 contain an Insecure Operation on Windows Junction Vulnerability during installation. A local malicious user could potentially exploit this vulnerability to create an arbitrary folder inside a restricted directory, leading to Privilege Escalation | 4.6 | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:L |
Product | Software/ Firmware | Affected Versions | Remediated Version | Link |
---|---|---|---|---|
Dell Encryption |
SW | Versions prior to 11.8.1 | 11.8.1 or later | https://www.dell.com/support/home/en-in/product-support/product/dell-data-protection-encryption/drivers |
Dell Endpoint Security Suite Enterprise | SW | Versions prior to 11.8.1 | 11.8.1 or later | https://www.dell.com/support/home/en-in/product-support/product/dell-dp-endpt-security-suite-enterprise/drivers |
Dell Security Management Server (Windows) | SW | Versions prior to 11.8.1 | 11.8.1 or later | https://www.dell.com/support/home/en-in/product-support/product/dell-data-protection-encryption/drivers |
Product | Software/ Firmware | Affected Versions | Remediated Version | Link |
---|---|---|---|---|
Dell Encryption |
SW | Versions prior to 11.8.1 | 11.8.1 or later | https://www.dell.com/support/home/en-in/product-support/product/dell-data-protection-encryption/drivers |
Dell Endpoint Security Suite Enterprise | SW | Versions prior to 11.8.1 | 11.8.1 or later | https://www.dell.com/support/home/en-in/product-support/product/dell-dp-endpt-security-suite-enterprise/drivers |
Dell Security Management Server (Windows) | SW | Versions prior to 11.8.1 | 11.8.1 or later | https://www.dell.com/support/home/en-in/product-support/product/dell-data-protection-encryption/drivers |
Revision | Date | Description |
---|---|---|
1.0 | 2023-11-14 | Initial Release |
Dell Encryption, Dell Endpoint Security Suite Enterprise
14 Nov 2023
Dell Security Advisory