Headline
CVE-2023-44290: DSA-2023-390: Security Update for Dell Command | Configure and Dell Command | Monitor Vulnerabilities
Dell Command | Monitor versions prior to 10.10.0, contain an improper access control vulnerability. A local malicious standard user could potentially exploit this vulnerability while repairing/changing installation, leading to privilege escalation.
Impact
High
Details
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.
Affected Products and Remediation
CVE(s) Addressed
Product
Affected Version(s)
Remediated Version(s)
Link
CVE-2023-44289
Dell Command | Configure
Versions prior to 4.11.0
4.11.0.70, A00
https://www.dell.com/support/home/en-us/drivers/DriversDetails?driverId=5WCHH
CVE-2023-44290
Dell Command | Monitor
Versions prior to 10.10.0
10.10.0.39, A00
https://www.dell.com/support/home/en-us/drivers/DriversDetails?driverId=94WK2
CVE(s) Addressed
Product
Affected Version(s)
Remediated Version(s)
Link
CVE-2023-44289
Dell Command | Configure
Versions prior to 4.11.0
4.11.0.70, A00
https://www.dell.com/support/home/en-us/drivers/DriversDetails?driverId=5WCHH
CVE-2023-44290
Dell Command | Monitor
Versions prior to 10.10.0
10.10.0.39, A00
https://www.dell.com/support/home/en-us/drivers/DriversDetails?driverId=94WK2
Revision History
Revision
Date
Description
1.0
2023-11-21
Initial Release
1.1
2023-11-22
Updated Proprietary Code section: Revised CVE Vulnerability Description
Related Information
Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide