Unauthorized Access to Monitoring Data via Improper Access Control Vulnerability
CVE-2024-25962

6.5MEDIUM

Key Information:

Vendor: Dell
Status: Insightiq
Vendor: CVE Published:; 27 March 2024

Summary

Dell InsightIQ, specifically version 5.0, is exposed to an improper access control vulnerability that may be exploited by low privileged remote attackers. Successful exploitation of this flaw could enable unauthorized access to sensitive monitoring data. It is essential for users of Dell InsightIQ to be aware of this vulnerability and to implement necessary security measures to safeguard their data from potential threats.

Affected Version(s)

InsightIQ 5.0.0

References

https://www.dell.com/support/kbdoc/en-us/000223551/dsa-20...

vendor-advisory

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 27, 2024
Vulnerability Reserved
Feb 13, 2024