Dell AppSync, versions 4.4.0.0 to 4.6.0.0 including Service Pack releases, contains an improper access control vulnerability in Embedded Service Enabler component. A local malicious user could potentially exploit this vulnerability during installation leading to a privilege escalation.
References
Configurations
History
21 Nov 2024, 08:03
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.3 |
| References | () https://www.dell.com/support/kbdoc/en-us/000218038/dsa-2023-331-dell-emc-appsync-security-update-for-dell-embedded-service-enabler-vulnerability - Patch, Vendor Advisory |
02 Oct 2023, 16:53
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Emc appsync
Emc |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
| CPE | cpe:2.3:a:emc:appsync:*:*:*:*:*:*:*:* | |
| References | (MISC) https://www.dell.com/support/kbdoc/en-us/000218038/dsa-2023-331-dell-emc-appsync-security-update-for-dell-embedded-service-enabler-vulnerability - Patch, Vendor Advisory |
27 Sep 2023, 16:21
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-09-27 16:21
Updated : 2024-11-21 08:03
NVD link : CVE-2023-32458
Mitre link : CVE-2023-32458
CVE.ORG link : CVE-2023-32458
JSON object : View
Products Affected
emc
- appsync
CWE
CWE-284
Improper Access Control