Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
symantecSymantec Security ResponseSMNTC-111114
HistoryDec 05, 2019 - 12:00 a.m.

Dell Command Configure CVE-2019-18575 Arbitrary File Overwrite Vulnerability

2019-12-0500:00:00
Symantec Security Response
www.symantec.com
14

EPSS

0

Percentile

12.6%

JSON

Description

Dell Command Configure is prone to an arbitrary file-overwrite vulnerability. Successful exploits may allow an attacker to write arbitrary files in the context of the user running the affected application. Dell Command Configure prior to 4.2.1 are vulnerable.

Technologies Affected

  • Dell Command Configure (DCC) 4.2.0

Recommendations

Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.
Ensure that only trusted users have local, interactive access to affected computers.

Run all software as a nonprivileged user with minimal access rights.
To reduce the impact of latent vulnerabilities, run the application with the minimal amount of privileges required for functionality.

Updates are available. Please see the references or vendor advisory for more information.

References

Related

nvd 1
cvelist 1
prion 1
cve 1
nvd
nvd
CVE-2019-18575
2019-12-06 21:15:10
cvelist
cvelist
CVE-2019-18575
2019-12-06 20:40:13
prion
prion
Design/Logic Flaw
2019-12-06 21:15:00
cve
cve
CVE-2019-18575
2019-12-06 21:15:10

EPSS

0

Percentile

12.6%

JSON
Related for SMNTC-111114
nvd1cvelist1prion1cve1