Lucene search
DellCVE-2023-32454HistoryFeb 06, 2024 - 8:15 a.m.
CVE-2023-32454
2024-02-0608:15:49
CWE-1386
CWE-59
dell
web.nvd.nist.gov
17
cve
2023
32454
dup framework
windows
junction
mount point
vulnerability
denial of service
CVSS3
7.1
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
AI Score
6.8
Confidence
High
EPSS
0
Percentile
9.0%
DUP framework version 4.9.4.36 and prior contains insecure operation on Windows junction/Mount point vulnerability. A local malicious standard user could exploit the vulnerability to create arbitrary files, leading to denial of service
Affected configurations
Node
dellupdate_package_frameworkRange≤4.9.4.36
| Vendor | Product | Version | CPE |
|---|---|---|---|
| dell | update_package_framework | * | cpe:2.3:a:dell:update_package_framework:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "DUP Framework\t",
"vendor": "Dell",
"versions": [
{
"lessThanOrEqual": "4.9.4.36",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
]Related
cvelist
cvelist
CVE-2023-32454
2024-02-06 08:00:46
nvd
nvd
CVE-2023-32454
2024-02-06 08:15:49
vulnrichment
vulnrichment
CVE-2023-32454
2024-02-06 08:00:46
prion
prion
Design/Logic Flaw
2024-02-06 08:15:00
CVSS3
7.1
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
AI Score
6.8
Confidence
High
EPSS
0
Percentile
9.0%
Related for CVE-2023-32454