Lucene search

[email protected]NVD:CVE-2024-28963

HistoryApr 24, 2024 - 8:15 a.m.

CVE-2024-28963

2024-04-2408:15:37

CWE-200

[email protected]

web.nvd.nist.gov

telemetry dashboard

dell

thinos 2402

sensitive information disclosure

vulnerability

unauthenticated user

local access

proxy settings

CVSS3

6.2

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

Confidence

High

EPSS

Percentile

9.0%

JSON

Telemetry Dashboard v1.0.0.7 for Dell ThinOS 2402 contains a sensitive information disclosure vulnerability. An unauthenticated user with local access to the device could exploit this vulnerability to read sensitive proxy settings information.

References

www.dell.com/support/kbdoc/en-us/000224317/dsa-2024-170

CVSS3

6.2

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

Confidence

High

EPSS

Percentile

9.0%

JSON

Related for NVD:CVE-2024-28963

cvelist1 vulnrichment1 cve1