DSA-2024-294: Security Update for Dell CloudLink Vulnerability
摘要: Dell CloudLink remediation is available for Key Trust Platform (KTP) vulnerability that could be exploited by malicious users to compromise the affected system.
本文章適用於
本文章不適用於
本文無關於任何特定產品。
本文未識別所有產品版本。
影響
Low
詳細資料
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
|---|---|---|---|
| CVE-2024-37137 | Dell Key Trust Platform, v3.0.6 and prior, contains Use of a Cryptographic Primitive with a Risky Implementation vulnerability. A local privileged attacker could potentially exploit this vulnerability, leading to privileged information disclosure. | 3.8 | CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
|---|---|---|---|
| CVE-2024-37137 | Dell Key Trust Platform, v3.0.6 and prior, contains Use of a Cryptographic Primitive with a Risky Implementation vulnerability. A local privileged attacker could potentially exploit this vulnerability, leading to privileged information disclosure. | 3.8 | CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L |
受影響的產品與補救措施
| Product | Affected Versions | Remediated Versions | Link |
| CloudLink | Versions prior to 7.1.9 | Version 7.1.9 | CloudLink 7.1.9 |
| Product | Affected Versions | Remediated Versions | Link |
| CloudLink | Versions prior to 7.1.9 | Version 7.1.9 | CloudLink 7.1.9 |
We strongly recommend upgrading CloudLink software to the latest version.
https://www.dell.com/support/kbdoc/en-in/000224135/cloudlink-security-support-policy-and-security-update-release-schedule-for-supported-versions
https://www.dell.com/support/kbdoc/en-in/000224135/cloudlink-security-support-policy-and-security-update-release-schedule-for-supported-versions
修訂歷史記錄
| Revision | Date | Description |
|---|---|---|
| 1.0 | 2024-06-27 | Initial release |
相關資訊
法律免責聲明
受影響的產品
CloudLink文章屬性
文章編號: 000226476
文章類型: Dell Security Advisory
上次修改時間: 27 6月 2024
向其他 Dell 使用者尋求您問題的答案
支援服務
檢查您的裝置是否在支援服務的涵蓋範圍內。