Dell Key Trust Platform vulnerable to Privileged Information Disclosure

CVE-2024-37137

3.8LOW

Key Information

Vendor: Dell
Status: ClouD-Link
Vendor: CVE Published:; 28 June 2024

Summary

Dell Key Trust Platform, v3.0.6 and prior, contains Use of a Cryptographic Primitive with a Risky Implementation vulnerability. A local privileged attacker could potentially exploit this vulnerability, leading to privileged information disclosure.

Affected Version(s)

CloudLink < 7.1.9

CVSS V3.1

Score:

3.8

Severity:

LOW

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published.
Jun 28, 2024
Vulnerability Reserved.
Jun 3, 2024

Collectors

NVD DatabaseMitre Database