3 results (0.004 seconds)

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

Dell System Update, version 2.0.0 and earlier, contains an Improper Certificate Validation in data parser module. A local attacker with high privileges could potentially exploit this vulnerability, leading to credential theft and/or denial of service. • https://www.dell.com/support/kbdoc/000203733 • CWE-295: Improper Certificate Validation •

CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0

Dell EMC System Update, version 1.9.2 and prior, contain an Unprotected Storage of Credentials vulnerability. A local attacker with user privleges could potentially exploit this vulnerability leading to the disclosure of user passwords. Dell EMC System Update, versiones 1.9.2 y anteriores, contienen una vulnerabilidad de Almacenamiento de Credenciales sin Protección. Un atacante local con privilegios de usuario podría potencialmente explotar esta vulnerabilidad conllevando a una divulgación de contraseñas de usuario • https://www.dell.com/support/kbdoc/000195007 • CWE-256: Plaintext Storage of a Password CWE-522: Insufficiently Protected Credentials •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

Dell System Update (DSU) 1.9 and earlier versions contain a denial of service vulnerability. A local authenticated malicious user with low privileges may potentially exploit this vulnerability to cause the system to run out of memory by running multiple instances of the vulnerable application. Dell System Update (DSU) versiones 1.9 y anteriores, contienen una vulnerabilidad de denegación de servicio. Un usuario malicioso local autenticado poco privilegiado puede explotar esta vulnerabilidad para causar que el sistema se quede sin memoria al ejecutar múltiples instancias de la aplicación vulnerable. • https://www.dell.com/support/kbdoc/en-us/000184608/dsa-2021-059-dell-emc-system-update-dsu-security-update-for-denial-of-service-vulnerability • CWE-400: Uncontrolled Resource Consumption •