Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Dell Command | Configure, versions prior to 4.11.0, contains an improper access control vulnerability. A local malicious user could potentially modify files inside installation folder during application upgrade, leading to privilege escalation.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
访问控制不恰当
Vulnerability Title
Dell Command | Configure 安全漏洞
Vulnerability Description
Dell Command | Configure是美国戴尔(Dell)公司的一款能够为业务客户端平台提供配置功能的应用程序。该程序中包含用于配置多种BIOS功能的命令行界面和图形用户界面。 Dell Command | Configure 4.11.0之前版本存在安全漏洞,该漏洞源于存在访问控制错误漏洞。攻击者可利用该漏洞在应用程序升级期间修改安装文件夹中的文件,从而导致权限提升。
CVSS Information
N/A
Vulnerability Type
N/A