CVE-2024-28962

EPSS 0.22%
Veröffentlicht 06.08.2024 04:16:45
Zuletzt bearbeitet 19.08.2024 17:12:57
Quelle security_alert@emc.com
Teams Watchlist Login
Unerledigt Login

Dell Command | Update, Dell Update, and Alienware Update UWP, versions prior to 5.4, contain an Exposed Dangerous Method or Function vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Dell ≫ Alienware Update Version < 5.4

Dell ≫ Command Update Version < 5.4

Dell ≫ Update Version < 5.4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.22%	0.445

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
security_alert@emc.com	6.5	3.9	2.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

CWE-610 Externally Controlled Reference to a Resource in Another Sphere

The product uses an externally controlled name or reference that resolves to a resource that is outside of the intended control sphere.

https://www.dell.com/support/kbdoc/en-us/000227236/dsa-2024-169

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-28962

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-28962

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-28962

EUVD