CVE-2023-48670
https://notcve.org/view.php?id=CVE-2023-48670
Dell SupportAssist for Home PCs version 3.14.1 and prior versions contain a privilege escalation vulnerability in the installer. A local low privileged authenticated attacker may potentially exploit this vulnerability, leading to the execution of arbitrary executable on the operating system with elevated privileges. Dell SupportAssist para PCs domésticos versión 3.14.1 y versiones anteriores contienen una vulnerabilidad de escalada de privilegios en el instalador. Un atacante local autenticado con pocos privilegios podría explotar esta vulnerabilidad, lo que llevaría a la ejecución de un ejecutable arbitrario en el sistema operativo con privilegios elevados. • https://www.dell.com/support/kbdoc/en-us/000220677/dsa-2023-468-security-update-for-dell-supportassist-for-home-pcs-installer-file-local-privilege-escalation-vulnerability • CWE-426: Untrusted Search Path •
CVE-2023-28053
https://notcve.org/view.php?id=CVE-2023-28053
Dell NetWorker Virtual Edition versions 19.8 and below contain the use of deprecated cryptographic algorithms in the SSH component. A remote unauthenticated attacker could potentially exploit this vulnerability leading to some information disclosure. Las versiones 19.8 y posteriores de Dell NetWorker Virtual Edition contienen el uso de algoritmos criptográficos obsoletos en el componente SSH. Un atacante remoto no autenticado podría explotar esta vulnerabilidad y provocar la divulgación de información. • https://www.dell.com/support/kbdoc/en-us/000220547/dsa-2023-358-security-update-for-dell-networker-virtual-edition-ssh-cryptographic-vulnerabilities • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVE-2023-48671
https://notcve.org/view.php?id=CVE-2023-48671
Dell vApp Manager, versions prior to 9.2.4.x contain an information disclosure vulnerability. A remote attacker could potentially exploit this vulnerability leading to obtain sensitive information that may aid in further attacks. Dell vApp Manager, las versiones anteriores a la 9.2.4.x contienen una vulnerabilidad de divulgación de información. Un atacante remoto podría explotar esta vulnerabilidad y obtener información confidencial que podría ayudar en futuros ataques. • https://www.dell.com/support/kbdoc/en-us/000220427/dsa-2023-443-dell-powermaxos-5978-dell-unisphere-360-dell-unisphere-for-powermax-dell-unisphere-for-powermax-virtual-appliance-dell-solutions-enabler-virtual-appliance-and-dell-powermax-eem-security-update-for-multiple-vulnerabilities • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2023-48665
https://notcve.org/view.php?id=CVE-2023-48665
Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability. A remote malicious user with high privileges could potentially exploit this vulnerability leading to the execution of arbitrary OS commands on the affected system. Dell vApp Manager, las versiones anteriores a 9.2.4.x contienen una vulnerabilidad de inyección de comandos. Un usuario malicioso remoto con altos privilegios podría explotar esta vulnerabilidad y llevar a la ejecución de comandos arbitrarios del sistema operativo en el sistema afectado. • https://www.dell.com/support/kbdoc/en-us/000220427/dsa-2023-443-dell-powermaxos-5978-dell-unisphere-360-dell-unisphere-for-powermax-dell-unisphere-for-powermax-virtual-appliance-dell-solutions-enabler-virtual-appliance-and-dell-powermax-eem-security-update-for-multiple-vulnerabilities • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2023-48664
https://notcve.org/view.php?id=CVE-2023-48664
Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability. A remote malicious user with high privileges could potentially exploit this vulnerability leading to the execution of arbitrary OS commands on the affected system. Dell vApp Manager, las versiones anteriores a 9.2.4.x contienen una vulnerabilidad de inyección de comandos. Un usuario malicioso remoto con altos privilegios podría explotar esta vulnerabilidad y llevar a la ejecución de comandos arbitrarios del sistema operativo en el sistema afectado. • https://www.dell.com/support/kbdoc/en-us/000220427/dsa-2023-443-dell-powermaxos-5978-dell-unisphere-360-dell-unisphere-for-powermax-dell-unisphere-for-powermax-virtual-appliance-dell-solutions-enabler-virtual-appliance-and-dell-powermax-eem-security-update-for-multiple-vulnerabilities • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •