4 matches found
CVE-2019-18575
Dell Command Configure before version 4.2.1 is affected by an uncontrolled search path vulnerability. A locally authenticated attacker could abuse a symlink to a target file to overwrite or corrupt a specified file on the system. Impact is file overwrite/corruption within the context of the user ...
CVE-2022-34457
Dell Command Configure (Dell Command Configure, version 4.8 and prior) is affected by an elevation of privilege vulnerability due to improper folder permissions when installed to a non-default, non-secured path. A non-admin user can modify files inside the installed directory, potentially making ...
CVE-2023-43086
Dell Command | Configure (versions prior to 4.11.0) is affected by an improper access control vulnerability that could allow a local attacker to modify files inside the installation folder during application upgrade, leading to privilege escalation. The root cause is an access control weakness du...
CVE-2023-44289
CVE-2023-44289 affects Dell Command | Configure prior to version 4.11.0. The issue is an improper access control vulnerability that enables a local malicious standard user to escalate privileges during repair/changing installation. Affected software: Dell Command | Configure (pre-4.11.0). Root ca...