CVE-2024-28962

EPSS 0.22%
Published 06.08.2024 04:16:45
Last modified 19.08.2024 17:12:57
Source security_alert@emc.com
Teams watchlist Login
Open Login

Dell Command | Update, Dell Update, and Alienware Update UWP, versions prior to 5.4, contain an Exposed Dangerous Method or Function vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Dell ≫ Alienware Update Version < 5.4

Dell ≫ Command Update Version < 5.4

Dell ≫ Update Version < 5.4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.22%	0.445

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
security_alert@emc.com	6.5	3.9	2.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

CWE-610 Externally Controlled Reference to a Resource in Another Sphere

The product uses an externally controlled name or reference that resolves to a resource that is outside of the intended control sphere.

https://www.dell.com/support/kbdoc/en-us/000227236/dsa-2024-169

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-28962

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-28962

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-28962

EUVD