CVE-2023-24573

Dell Command | Monitor versions prior to 10.9 contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion.

CVSS v3 7.1 HIGH

7.1^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.2

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.dell.com/support/kbdoc/en-us/000207973/dsa-2023-033	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:dell:command_\|_monitor:*:*:*:*:*:*:*:*

History

07 Nov 2023, 04:08

Type	Values Removed	Values Added
Summary	Dell Command \| Monitor versions prior to 10.9 contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion.	Dell Command \| Monitor versions prior to 10.9 contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion.

Information

Published : 2023-02-10 13:15

Updated : 2024-02-28 19:51

NVD link : CVE-2023-24573

Mitre link : CVE-2023-24573

CVE.ORG link : CVE-2023-24573

JSON object : View

Products Affected

dell

command_\|_monitor

CWE

NVD-CWE-noinfo CWE-264

Permissions, Privileges, and Access Controls

7.1 /10