Artikelnummer: 000211748

DSA-2023-125: Dell Command | Monitor Security Update for an Arbitrary Folder Deletion Vulnerability

Samenvatting: Dell Command | Monitor remediation is available for an arbitrary folder deletion vulnerability during installation that may be exploited by malicious users to compromise the affected system. ...

Article content

Impact

Medium

Gegevens

Proprietary Code CVE(s)	Description	CVSS Base Score	CVSS Vector String
CVE-2023-28049	Dell Command \| Monitor, versions prior to 10.9, contain an arbitrary folder deletion vulnerability. A locally authenticated malicious user may exploit this vulnerability in order to perform a privileged arbitrary file delete.	4.7	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Proprietary Code CVE(s)	Description	CVSS Base Score	CVSS Vector String
CVE-2023-28049	Dell Command \| Monitor, versions prior to 10.9, contain an arbitrary folder deletion vulnerability. A locally authenticated malicious user may exploit this vulnerability in order to perform a privileged arbitrary file delete.	4.7	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Dell Technologies raadt aan dat alle klanten rekening houden met zowel de basisscore van CVSS als alle relevante tijdelijke en omgevingsscores die gevolgen kunnen hebben voor de mogelijke ernst van de specifieke beveiligingsproblemen.

Getroffen producten en herstel

CVE(s) Addressed	Product	Affected Version(s)	Updated Version(s)	Link to update
CVE-2023-28049	Dell Command \| Monitor	10.9 and priors	10.9.1	https://www.dell.com/support/home/drivers/driversdetails?driverid=XYDW7

CVE(s) Addressed	Product	Affected Version(s)	Updated Version(s)	Link to update
CVE-2023-28049	Dell Command \| Monitor	10.9 and priors	10.9.1	https://www.dell.com/support/home/drivers/driversdetails?driverid=XYDW7

Tijdelijke oplossingen en beperkingen

None.

Bevestigingen

CVE-2023-28049: Dell Technologies would like to thank ycdxsb for reporting this issue.

Revisiegeschiedenis

Revision	Date	Description
1.0	2023-04-04	Initial Release

DSA-2023-125: Dell Command | Monitor Security Update for an Arbitrary Folder Deletion Vulnerability

Samenvatting: Dell Command | Monitor remediation is available for an arbitrary folder deletion vulnerability during installation that may be exploited by malicious users to compromise the affected system. ...

Article content

Impact

Gegevens

Getroffen producten en herstel

Tijdelijke oplossingen en beperkingen

Bevestigingen

Revisiegeschiedenis

Verwante informatie

Juridische informatie

Artikeleigenschappen

Getroffen product

Datum laatst gepubliceerd

Artikeltype

Welkom

Welkom bij Dell

DSA-2023-125: Dell Command | Monitor Security Update for an Arbitrary Folder Deletion Vulnerability

Samenvatting: Dell Command | Monitor remediation is available for an arbitrary folder deletion vulnerability during installation that may be exploited by malicious users to compromise the affected system. ... Meer weergeven Minder weergeven

Article content

Impact

Gegevens

Getroffen producten en herstel

Tijdelijke oplossingen en beperkingen

Bevestigingen

Revisiegeschiedenis

Verwante informatie

Juridische informatie

Artikeleigenschappen

Getroffen product

Datum laatst gepubliceerd

Artikeltype

Samenvatting: Dell Command | Monitor remediation is available for an arbitrary folder deletion vulnerability during installation that may be exploited by malicious users to compromise the affected system. ...