PT-2019-16704 · Dell · Dell Imageassist

Publicado

2019-10-14

Atualizado

2020-10-16

CVE-2019-3767

CVSS v3.1

8.2

Alta

Vetor

AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Dell ImageAssist versions prior to 8.7.15

Description The issue concerns an information disclosure problem where Dell ImageAssist stores sensitive encrypted information in the images it creates. A privileged user of a system running an operating system deployed with Dell ImageAssist could potentially retrieve this sensitive information, leading to the compromise of the system and related systems.

Recommendations For Dell ImageAssist versions prior to 8.7.15, update to version 8.7.15 or later to resolve the issue.

Correção

Cleartext Storage of Sensitive Information

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-312CWE-200

Identificadores relacionados

CVE-2019-3767

Produtos afetados

Dell Imageassist

PT-2019-16704 · Dell · Dell Imageassist

CVE-2019-3767

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3