Products
Dell Alienware Command Center
- 5.7.3.0 and prior
Source
security_alert@emc.com
Tags
CVE-2024-38301 details
Published : July 10, 2024, 3:15 a.m.
Last Modified : July 10, 2024, 3:15 a.m.
Last Modified : July 10, 2024, 3:15 a.m.
Description
Dell Alienware Command Center, version 5.7.3.0 and prior, contains an improper access control vulnerability. A low privileged attacker could potentially exploit this vulnerability, leading to denial of service on the local system and information disclosure.
CVSS Score
1 | 2 | 3 | 4 | 5 | 6.7 | 7 | 8 | 9 | 10 |
---|
Weakness
Weakness | Name | Description |
---|---|---|
CWE-1107 | Insufficient Isolation of Symbolic Constant Definitions | The source code uses symbolic constants, but it does not sufficiently place the definitions of these constants into a more centralized or isolated location. |
CVSS Data
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
6.7
Exploitability Score
0.8
Impact Score
5.9
Base Severity
MEDIUM
Vector String : CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
References
URL | Source |
---|---|
https://www.dell.com/support/kbdoc/en-us/000225774/dsa-2024-258 | security_alert@emc.com |
This website uses the NVD API, but is not approved or certified by it.