Описание
Dell SupportAssist Client versions prior to 3.2.0.90 contain an improper origin validation vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability to attempt CSRF attacks on users of the impacted systems.
Ссылки
- Broken LinkThird Party AdvisoryVDB Entry
- Vendor Advisory
- Broken LinkThird Party AdvisoryVDB Entry
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.2.0.90 (исключая)
cpe:2.3:a:dell:supportassist:*:*:*:*:*:*:*:*
EPSS
Процентиль: 46%
0.00232
Низкий
7.6 High
CVSS3
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-352
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
Dell SupportAssist Client versions prior to 3.2.0.90 contain an improper origin validation vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability to attempt CSRF attacks on users of the impacted systems.
EPSS
Процентиль: 46%
0.00232
Низкий
7.6 High
CVSS3
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-352