PT-2019-16704 · Dell · Dell Imageassist

Published

2019-10-14

Updated

2020-10-16

CVE-2019-3767

CVSS v3.1

8.2

High

Vector

AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Dell ImageAssist versions prior to 8.7.15

Description The issue concerns an information disclosure problem where Dell ImageAssist stores sensitive encrypted information in the images it creates. A privileged user of a system running an operating system deployed with Dell ImageAssist could potentially retrieve this sensitive information, leading to the compromise of the system and related systems.

Recommendations For Dell ImageAssist versions prior to 8.7.15, update to version 8.7.15 or later to resolve the issue.

Fix

Cleartext Storage of Sensitive Information

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-312CWE-200

Related Identifiers

CVE-2019-3767

Affected Products

Dell Imageassist

PT-2019-16704 · Dell · Dell Imageassist

CVE-2019-3767

Weakness Enumeration

Related Identifiers

Affected Products

References · 3