Cross-Site Scripting Vulnerability in Dell SupportAssist Client
CVE-2022-29095
8.3HIGH
Summary
Dell SupportAssist Client, both Consumer and Commercial versions, are impacted by a cross-site scripting vulnerability. An attacker can exploit this flaw to execute malicious scripts on vulnerable systems when specific conditions are met, allowing unauthorized actions and potential system compromise. It is critical for users to update to the latest versions to mitigate this risk.
Affected Version(s)
SupportAssist Consumer <= 3.10.4
References
CVSS V3.1
Score:
8.3
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved