Lucene search

DellVULNRICHMENT:CVE-2024-38301

HistoryJul 10, 2024 - 2:12 a.m.

CVE-2024-38301

2024-07-1002:12:54

CWE-1107

dell

github.com

dell alienware command center

version 5.7.3.0

improper access control

CVSS3

6.7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

AI Score

6.5

Confidence

High

SSVC

Exploitation

none

Automatable

Technical Impact

total

JSON

Dell Alienware Command Center, version 5.7.3.0 and prior, contains an improper access control vulnerability. A low privileged attacker could potentially exploit this vulnerability, leading to denial of service on the local system and information disclosure.

CNA Affected

[
  {
    "vendor": "Dell",
    "product": "Alienware Command Center (AWCC)",
    "versions": [
      {
        "status": "affected",
        "version": "N/A",
        "lessThan": "5.8.2.0",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:dell:alienware_command_center:*:*:*:*:*:*:*:*"
    ],
    "vendor": "dell",
    "product": "alienware_command_center",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "5.8.2.0",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unknown"
  }
]

References

www.dell.com/support/kbdoc/en-us/000225774/dsa-2024-258

CVSS3

6.7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

AI Score

6.5

Confidence

High

SSVC

Exploitation

none

Automatable

Technical Impact

total

JSON

Related for VULNRICHMENT:CVE-2024-38301