Описание
Dell SupportAssist OS Recovery versions prior to 5.5.13.1 contain a symbolic link attack vulnerability. A low-privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary file deletion and Elevation of Privileges.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 5.5.13.1 (исключая)
cpe:2.3:a:dell:supportassist_os_recovery:*:*:*:*:*:*:*:*
EPSS
Процентиль: 3%
0.00017
Низкий
7 High
CVSS3
7.8 High
CVSS3
Дефекты
CWE-61
CWE-59
Связанные уязвимости
CVSS3: 7
github
12 месяцев назад
Dell SupportAssist OS Recovery versions prior to 5.5.13.1 contain a symbolic link attack vulnerability. A low-privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary file deletion and Elevation of Privileges.
EPSS
Процентиль: 3%
0.00017
Низкий
7 High
CVSS3
7.8 High
CVSS3
Дефекты
CWE-61
CWE-59