CVE-2023-22576

EPSS 0.04%
Published 21.08.2024 10:15:04
Last modified 23.08.2024 16:56:09
Source security_alert@emc.com
Teams watchlist Login
Open Login

Dell Repository Manager version 3.4.2 and earlier, contain a Local Privilege Escalation Vulnerability in Installation module. A local low privileged attacker may potentially exploit this vulnerability leading to the execution of arbitrary executable on the operating system with high privileges using the existing vulnerability in operating system. Exploitation may lead to unavailability of the service.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Dell ≫ Repository Manager Version < 3.4.3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.04%	0.114

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
security_alert@emc.com	7	1	5.9	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-269 Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

https://www.dell.com/support/kbdoc/en-us/000207513/dsa-2023-017-dell-emc-repository-manager-drm-security-update-for-an-improper-privilege-management-vulnerability

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-22576

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-22576

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-22576

EUVD