DSA-2024-343: Security Update for Dell CloudLink Vulnerability
摘要: Dell CloudLink remediation is available for security vulnerabilities that could be exploited by malicious users to compromise the affected system.
本文章適用於
本文章不適用於
本文無關於任何特定產品。
本文未識別所有產品版本。
影響
Medium
詳細資料
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
|---|---|---|---|
| CVE-2024-38482 | CloudLink, versions 7.1.x and 8.x, contain an Improper check or handling of Exceptional Conditions Vulnerability in Cluster Component. A highly privileged malicious user with remote access could potentially exploit this vulnerability, leading to execute unauthorized actions and retrieve sensitive information from the database. | 6.6 | CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
|---|---|---|---|
| CVE-2024-38482 | CloudLink, versions 7.1.x and 8.x, contain an Improper check or handling of Exceptional Conditions Vulnerability in Cluster Component. A highly privileged malicious user with remote access could potentially exploit this vulnerability, leading to execute unauthorized actions and retrieve sensitive information from the database. | 6.6 | CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H |
受影響的產品與補救措施
| Product | Affected Versions | Remediated Versions | Link |
|---|---|---|---|
| CloudLink | Versions prior to 8.1 | 8.1 | CloudLink 8.1 |
| Product | Affected Versions | Remediated Versions | Link |
|---|---|---|---|
| CloudLink | Versions prior to 8.1 | 8.1 | CloudLink 8.1 |
We strongly recommend upgrading CloudLink software to the latest version.
https://www.dell.com/support/kbdoc/en-in/000224135/cloudlink-security-support-policy-and-security-update-release-schedule-for-supported-versions
https://www.dell.com/support/kbdoc/en-in/000224135/cloudlink-security-support-policy-and-security-update-release-schedule-for-supported-versions
修訂歷史記錄
| Revision | Date | Description |
|---|---|---|
| 1.0 | 2024-08-01 | Initial release |
感謝
Dell would like to thank B4gpipe for reporting this issue.
相關資訊
法律免責聲明
受影響的產品
CloudLink文章屬性
文章編號: 000227493
文章類型: Dell Security Advisory
上次修改時間: 01 8月 2024
向其他 Dell 使用者尋求您問題的答案
支援服務
檢查您的裝置是否在支援服務的涵蓋範圍內。