Headline

CVE-2023-23696: DSA-2023-029: Dell Command | Intel vPro Out of Band Security Update for an Improper Authorization Vulnerability

Dell Command Intel vPro Out of Band, versions prior to 4.3.1, contain an Improper Authorization vulnerability. A locally authenticated malicious users could potentially exploit this vulnerability in order to write arbitrary files to the system.

1 year ago

CVE

Open in Source

#vulnerability #intel #auth #dell

Vaikutus

High

Tiedot

Proprietary Code CVEs

Description

More Information

CVE-2023-23696

Dell Command | Intel vPro Out of Band versions before 4.4.0, contain an Improper Authorization vulnerability. A locally authenticated malicious user may potentially exploit this vulnerability in order to write arbitrary files to the system.

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

See NVD (http://nvd.nist.gov/) for additional details.

Proprietary Code CVEs

Description

More Information

CVE-2023-23696

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

See NVD (http://nvd.nist.gov/) for additional details.

Dell Technologies suosittelee, että kaikki asiakkaat ottavat huomioon sekä CVSS-peruspistemäärän että kaikki asiaankuuluvat väliaikaiset ja ympäristöön liittyvät pisteet, jotka voivat vaikuttaa tietyn tietoturvahaavoittuvuuden mahdolliseen vakavuuteen.

Tuotteet, joihin asia vaikuttaa ja tilanteen korjaaminen

CVEs Addressed

Product

Affected Versions

Updated Versions

Link to Update

CVE-2023-23696

Dell Command | Intel vPro Out of Band

Versions before 4.4.0

4.4.0

https://www.dell.com/support/home/en-us/drivers/driversdetails?driverid=08WTH

CVEs Addressed