CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32476
https://notcve.org/view.php?id=CVE-2023-32476
Dell Hybrid Client version 2.0 contains a Sensitive Data Exposure vulnerability. An unauthenticated malicious user on the device can access hard coded secrets in javascript files. • https://www.dell.com/support/kbdoc/en-us/000215862/dsa-2023-258-dell • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0CVE-2022-34432
https://notcve.org/view.php?id=CVE-2022-34432
Dell Hybrid Client below 1.8 version contains a gedit vulnerability. A guest attacker could potentially exploit this vulnerability, allowing deletion of user and some system files and folders. Dell Hybrid Client versiones anteriores a 1.8, contiene una vulnerabilidad de gedit. Un atacante invitado podría explotar esta vulnerabilidad, permitiendo una eliminación de archivos y carpetas del usuario y de algunos sistemas • https://www.dell.com/support/kbdoc/en-us/000203345/dsa-2022-260-dell-hybrid-client-security-update-for-multiple-vulnerabilities • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-34431
https://notcve.org/view.php?id=CVE-2022-34431
Dell Hybrid Client below 1.8 version contains a guest user profile corruption vulnerability. A WMS privilege attacker could potentially exploit this vulnerability, leading to DHC system not being accessible. Dell Hybrid Client versiones anteriores a 1.8, contiene una vulnerabilidad de corrupción del perfil de usuario invitado. Un atacante privilegiado WMS podría potencialmente explotar esta vulnerabilidad, conllevando a que el sistema DHC no sea accesible • https://www.dell.com/support/kbdoc/en-us/000203345/dsa-2022-260-dell-hybrid-client-security-update-for-multiple-vulnerabilities • CWE-284: Improper Access Control •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-34430
https://notcve.org/view.php?id=CVE-2022-34430
Dell Hybrid Client below 1.8 version contains a Zip Bomb Vulnerability in UI. A guest privilege attacker could potentially exploit this vulnerability, leading to system files modification. Dell Hybrid Client versiones anteriores a 1.8, contiene una vulnerabilidad de tipo Zip Bomb en la Interfaz de Usuario. Un atacante privilegiado de invitado podría potencialmente explotar esta vulnerabilidad, conllevando a una modificación de los archivos del sistema • https://www.dell.com/support/kbdoc/en-us/000203345/dsa-2022-260-dell-hybrid-client-security-update-for-multiple-vulnerabilities • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2022-34429
https://notcve.org/view.php?id=CVE-2022-34429
Dell Hybrid Client below 1.8 version contains a Zip Slip Vulnerability in UI. A guest privilege attacker could potentially exploit this vulnerability, leading to system files modification. Dell Hybrid Client por debajo versiones anteriores a 1.8, contiene una vulnerabilidad de "Zip Slip" en la Interfaz de Usuario. Un atacante con privilegios de invitado podría explotar esta vulnerabilidad, conllevando a una modificación de los archivos del sistema • https://www.dell.com/support/kbdoc/en-us/000203345/dsa-2022-260-dell-hybrid-client-security-update-for-multiple-vulnerabilities • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •