Improper Access Control in Dell Command | Monitor Software
CVE-2023-44290

7.8HIGH

Key Information:

Vendor: Dell
Status: Dell Command Monitor (DCM)
Vendor: CVE Published:; 23 November 2023

Summary

Dell Command | Monitor versions prior to 10.10.0 are susceptible to an improper access control flaw. This vulnerability allows a local user with standard privileges to exploit the issue while performing installation repairs or changes, potentially leading to unauthorized privilege escalation. Users are urged to upgrade to the latest version to mitigate the risks associated with this vulnerability.

Affected Version(s)

Dell Command Monitor (DCM) Dell Command | Monitor Versions prior to 10.10.0

References

https://www.dell.com/support/kbdoc/en-us/000218628/dsa-20...

vendor-advisory

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 23, 2023
Vulnerability Reserved
Sep 28, 2023