Описание
Dell Client platforms restored using a Dell OS recovery image downloaded before December 20, 2019, may contain an insecure inherited permissions vulnerability. A local authenticated malicious user with low privileges could exploit this vulnerability to gain unauthorized access on the root folder.
Ссылки
- MitigationPatchVendor Advisory
- MitigationPatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2019-12-20 (исключая)
cpe:2.3:o:dell:os_recovery_image_for_microsoft_windows_10:*:*:*:*:*:*:*:*
EPSS
Процентиль: 4%
0.0002
Низкий
7.3 High
CVSS3
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-277
CWE-863
Связанные уязвимости
github
больше 3 лет назад
Dell Client platforms restored using a Dell OS recovery image downloaded before December 20, 2019, may contain an insecure inherited permissions vulnerability. A local authenticated malicious user with low privileges could exploit this vulnerability to gain unauthorized access on the root folder.
EPSS
Процентиль: 4%
0.0002
Низкий
7.3 High
CVSS3
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-277
CWE-863