Lucene search
K
DellAppsync

5 matches found

CVE
CVE
added 2024/12/17 11:33 a.m.50 views

CVE-2024-52542

Dell AppSync 4.6.0.x is affected by a Symbolic Link (Symlink) Following vulnerability. The root cause is the mismanagement of symlinks that allows a low-privileged, locally connected attacker to tamper information. Impact is limited to information integrity (I: High; A: None; C: None per docs). N...

5.5CVSS6.3AI score0.0017EPSS
CVE
CVE
added 2025/07/21 4:20 p.m.23 views

CVE-2025-36603

Dell AppSync 4.6.0.0 contains an Improper Restriction of XML External Entity Reference vulnerability. A low-privilege attacker with local access could exploit this to cause information disclosure and information tampering. Exploitation details are not provided in the documents. References indicat...

4.8CVSS6.2AI score0.00105EPSS
CVE
CVE
added 2025/07/21 4:25 p.m.20 views

CVE-2025-32744

Dell AppSync 4.6.0.0 contains an Unrestricted Upload of File with Dangerous Type vulnerability that could allow remote code execution by a high-privilege attacker with remote access. The issue stems from insufficient validation of uploaded files. A security update/ advisory (DSA-2025-277) is avai...

6.6CVSS6.7AI score0.00402EPSS
CVE
CVE
added 2026/04/01 12:18 p.m.18 views

CVE-2026-22768

Dell AppSync, version 4.6.0, contains an Incorrect Permission Assignment for a Critical Resource vulnerability. A low-privileged attacker with local access could exploit this to achieve Elevation of Privileges. CVSS v3.1 indicates Local attack vector, Low attack complexity, Privileges Required: L...

7.3CVSS5.9AI score0.00127EPSS
CVE
CVE
added 2026/04/01 12:7 p.m.16 views

CVE-2026-22767

Dell AppSync 4.6.0 is affected by a UNIX symbolic link (symlink) following vulnerability. A low-privileged local attacker could potentially exploit this to tamper information. Root cause details are not explicitly provided beyond the symlink following descriptor in the sources. Remediation/patch/...

7.3CVSS5.9AI score0.00165EPSS