Dell SupportAssist Client versions prior to 3.2.0.90 contain an improper origin validation vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability to attempt CSRF attacks on users of the impacted systems.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/108020 | Broken Link Third Party Advisory VDB Entry |
https://www.dell.com/support/article/us/en/19/sln316857/dsa-2019-051-dell-supportassist-client-multiple-vulnerabilities?lang=en | Vendor Advisory |
Configurations
History
10 Feb 2023, 02:21
Type | Values Removed | Values Added |
---|---|---|
References | (BID) http://www.securityfocus.com/bid/108020 - Broken Link, Third Party Advisory, VDB Entry |
Information
Published : 2019-04-18 20:29
Updated : 2023-12-10 12:59
NVD link : CVE-2019-3718
Mitre link : CVE-2019-3718
CVE.ORG link : CVE-2019-3718
JSON object : View
Products Affected
dell
- supportassist
CWE
CWE-352
Cross-Site Request Forgery (CSRF)