Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Dell command configuration, version 4.8 and prior, contains improper folder permission when installed not to default path but to non-secured path which leads to privilege escalation. This is critical severity vulnerability as it allows non-admin to modify the files inside installed directory and able to make application unavailable for all users.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
访问控制不恰当
Vulnerability Title
Dell Command Configure 安全漏洞
Vulnerability Description
Dell Command Configure是美国戴尔(Dell)公司的一款能够为业务客户端平台提供配置功能的应用程序。该程序中包含用于配置多种BIOS功能的命令行界面和图形用户界面。 Dell Command Configure 4.8版本及之前版本存在安全漏洞,该漏洞源于文件夹权限不正确,导致权限升级。攻击者利用该漏洞修改目录中的文件,并使应用程序对所有用户都不可用。
CVSS Information
N/A
Vulnerability Type
N/A