PT-2024-11970 · Dell · Dell Repository Manager
Marius Gabriel Mihai
·
Published
2024-08-21
·
Updated
2024-08-25
·
CVE-2023-22576
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Dell Repository Manager versions 3.4.2 and earlier
Description
A local low privileged attacker may potentially exploit a Local Privilege Escalation Vulnerability in the Installation module, leading to the execution of arbitrary executables on the operating system with high privileges. This exploitation may result in the unavailability of the service.
Recommendations
For Dell Repository Manager versions 3.4.2 and earlier, patch immediately to prevent privilege escalation and unauthorized access. As a temporary workaround, consider restricting access to the Installation module until a patch is available.
Fix
Improper Privilege Management
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Dell Repository Manager