2 matches found
CVE-2022-34392
SupportAssist for Home PCs versions 3.11.4 and prior contain an insufficient session expiration Vulnerability. An authenticated non-admin user can be able to obtain the refresh token and that leads to reuse the access token and fetch sensitive information...
CVE-2022-34392
Dell SupportAssist for Home PCs, version 3.11.4 and earlier, has an insufficient session expiration vulnerability. An authenticated non-admin user can obtain a refresh token, reuse the access token, and access sensitive information. Root cause: improper session expiration handling. No remediation...