3 results (0.006 seconds)

CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0

Dell Command | Monitor, versions prior to 10.9, contain an arbitrary folder deletion vulnerability. A locally authenticated malicious user may exploit this vulnerability in order to perform a privileged arbitrary file delete. Dell Command | Monitor, las versiones anteriores a la 10.9 contienen una vulnerabilidad de eliminación arbitraria de carpetas. Un usuario malintencionado autenticado localmente puede aprovechar esta vulnerabilidad para realizar una eliminación arbitraria de archivos con privilegios. • https://www.dell.com/support/kbdoc/en-us/000211748/dsa-2023-125-dell-command-monitor-dcm • CWE-267: Privilege Defined With Unsafe Actions CWE-269: Improper Privilege Management •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Dell Command Monitor, versions 10.9 and prior, contains an improper folder permission vulnerability. A local authenticated malicious user can potentially exploit this vulnerability leading to privilege escalation by writing to a protected directory when Dell Command Monitor is installed to a non-default path • https://www.dell.com/support/kbdoc/en-us/000212226/dsa-2023-133 • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0

Dell Command | Monitor versions prior to 10.9 contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion. • https://www.dell.com/support/kbdoc/en-us/000207973/dsa-2023-033 • CWE-264: Permissions, Privileges, and Access Controls •