Summary:Dell EMC License Manager remediation is available for privilege elevation vulnerability that could be exploited by malicious users to compromise the affected system.
Please select a product to check article relevancy
This article applies to This article does not apply to
Dell EMC License Manager, 1.7.1, contains a privilege elevation vulnerability. An authenticated non-admin attacker could potentially exploit this vulnerability, leading to arbitrary code execution. Exploitation may lead to a complete system compromise.
Dell EMC License Manager, 1.7.1, contains a privilege elevation vulnerability. An authenticated non-admin attacker could potentially exploit this vulnerability, leading to arbitrary code execution. Exploitation may lead to a complete system compromise.
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.
The vulnerability does not exist if Dell EMC License Manager is installed in the default location recommended by the installer. (C:\Program Files (x86)\Dell\SysMgt\LicenseManager)
Workarounds & Mitigations
CVE ID
Workaround and Mitigation
CVE-2024-22456
Install Dell EMC License Manager in the default location (C:\Program Files (x86)\Dell\SysMgt\LicenseManager)
Revision History
Revision
Date
Description
1.0
2024-02-08
Initial Release
2.0
2024-05-22
Updated to include external link icon with no other changes to content.
Acknowledgements
Dell would like to thank Pwni for reporting this issue.
