Lucene search
HistoryNov 16, 2023 - 9:15 a.m.
CVE-2023-39259
dell os recovery tool
improper access control
elevation of privilege
vulnerability
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
5.1%
Dell OS Recovery Tool, versions 2.2.4013, 2.3.7012.0, and 2.3.7515.0 contain an Improper Access Control Vulnerability. A local authenticated non-administrator user could potentially exploit this vulnerability, leading to the elevation of privilege on the system.
Affected configurations
Node
dellos_recovery_toolMatch2.2.4013
ORdellos_recovery_toolMatch2.3.7012.0
ORdellos_recovery_toolMatch2.3.7515.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| dell | os_recovery_tool | 2.2.4013 | cpe:2.3:o:dell:os_recovery_tool:2.2.4013:*:*:*:*:*:*:* |
| dell | os_recovery_tool | 2.3.7012.0 | cpe:2.3:o:dell:os_recovery_tool:2.3.7012.0:*:*:*:*:*:*:* |
| dell | os_recovery_tool | 2.3.7515.0 | cpe:2.3:o:dell:os_recovery_tool:2.3.7515.0:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2023-39259
2023-11-16 09:02:01
prion
prion
Improper access control
2023-11-16 09:15:00
vulnrichment
vulnrichment
CVE-2023-39259
2023-11-16 09:02:01
cve
cve
CVE-2023-39259
2023-11-16 09:15:07
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
5.1%
Related for NVD:CVE-2023-39259