exploitDog

CVE-2023-28068

Опубликовано: 05 мая 2023

Источник: nvd

CVSS3: 7.3

CVSS3: 7.8

EPSS Низкий

Описание

Dell Command Monitor, versions 10.9 and prior, contains an improper folder permission vulnerability. A local authenticated malicious user can potentially exploit this vulnerability leading to privilege escalation by writing to a protected directory when Dell Command Monitor is installed to a non-default path

Ссылки

https://www.dell.com/support/kbdoc/en-us/000212226/dsa-2023-133
Vendor Advisory
https://www.dell.com/support/kbdoc/en-us/000212226/dsa-2023-133
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:dell:command_\|_monitor:*:*:*:*:*:*:*:*

Версия до 10.9 (включая)

EPSS

Процентиль: 15%

0.00048

Низкий

7.3 High

CVSS3

7.8 High

CVSS3

Дефекты

CWE-732

CWE-732

Связанные уязвимости

GHSA-53r9-cff5-x7hq

CVSS3: 7.3

github

почти 3 года назад

Dell Command Monitor, versions 10.9 and prior, contains an improper folder permission vulnerability. A local authenticated malicious user can potentially exploit this vulnerability leading to privilege escalation by writing to a protected directory when Dell Command Monitor is installed to a non-default path

EPSS

Процентиль: 15%

0.00048

Низкий

7.3 High

CVSS3

7.8 High

CVSS3

Дефекты

CWE-732

CWE-732