CVE-2019-3767
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Dell ImageAssist versions prior to 8.7.15 contain an information disclosure vulnerability. Dell ImageAssist stores some sensitive encrypted information in the images it creates. A privileged user of a system running an operating system that was deployed with Dell ImageAssist could potentially retrieve this sensitive information to then compromise the system and related systems.
Las versiones de Dell ImageAssist en versiones anteriores a la 8.7.15 contienen una vulnerabilidad de divulgación de información. Dell ImageAssist almacena información confidencial cifrada en las imágenes que crea. Un usuario privilegiado de un sistema que ejecuta un sistema operativo que se implementó con Dell ImageAssist podría recuperar esta información confidencial para luego comprometer el sistema y los sistemas relacionados.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-01-03 CVE Reserved
- 2019-10-14 CVE Published
- 2023-03-08 EPSS Updated
- 2024-09-17 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
- CWE-312: Cleartext Storage of Sensitive Information
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://www.dell.com/support/article/us/en/19/sln318831/dsa-2019-139 | 2020-10-16 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Dell Search vendor "Dell" | Imageassist Search vendor "Dell" for product "Imageassist" | < 8.7.15 Search vendor "Dell" for product "Imageassist" and version " < 8.7.15" | - |
Affected
|