CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 0CVE-2023-23697
https://notcve.org/view.php?id=CVE-2023-23697
Dell Command | Intel vPro Out of Band, versions before 4.4.0, contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion. • https://www.dell.com/support/kbdoc/en-us/000207929/dsa-2023-030 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-1386: Insecure Operation on Windows Junction / Mount Point •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-23696
https://notcve.org/view.php?id=CVE-2023-23696
Dell Command Intel vPro Out of Band, versions prior to 4.3.1, contain an Improper Authorization vulnerability. A locally authenticated malicious users could potentially exploit this vulnerability in order to write arbitrary files to the system. • https://www.dell.com/support/kbdoc/en-us/000208331/dsa-2023-029-dell-command-intel-vpro-out-of-band-security-update-for-an-improper-authorization-vulnerability • CWE-285: Improper Authorization CWE-863: Incorrect Authorization •