Описание
Dell Mobility - E-Lab Navigator, version(s) 3.1.9, 3.2.0, contain(s) an Authorization Bypass Through User-Controlled Key vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Launch of phishing attacks.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:dell:e-lab_navigator:3.1.9:*:*:*:*:*:*:*
cpe:2.3:a:dell:e-lab_navigator:3.2.0:*:*:*:*:*:*:*
EPSS
Процентиль: 16%
0.00051
Низкий
4.4 Medium
CVSS3
4.6 Medium
CVSS3
Дефекты
CWE-639
CWE-639
Связанные уязвимости
CVSS3: 4.6
github
больше 1 года назад
Dell E-Lab Navigator, [3.1.9, 3.2.0], contains an Insecure Direct Object Reference Vulnerability in Feedback submission. An attacker could potentially exploit this vulnerability, to manipulate the email's appearance, potentially deceiving recipients and causing reputational and security risks.
EPSS
Процентиль: 16%
0.00051
Низкий
4.4 Medium
CVSS3
4.6 Medium
CVSS3
Дефекты
CWE-639
CWE-639