CVE-2023-32451

Dell Display Manager application, version 2.1.1.17, contains a vulnerability that low privilege user can execute malicious code during installation and uninstallation

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.dell.com/support/kbdoc/en-us/000215216/dsa-2023-182-dell	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:dell:display_manager:*:*:*:*:*:*:*:*

History

12 Feb 2024, 21:37

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~7.3~~	v2 : unknown v3 : 7.8
CWE		CWE-269
CPE		cpe:2.3:a:dell:display_manager::::::::
First Time		Dell display Manager Dell
References	~~() https://www.dell.com/support/kbdoc/en-us/000215216/dsa-2023-182-dell -~~	() https://www.dell.com/support/kbdoc/en-us/000215216/dsa-2023-182-dell - Patch, Vendor Advisory

06 Feb 2024, 13:53

Type	Values Removed	Values Added
Summary		(es) La aplicación Dell Display Manager, versión 2.1.1.17, contiene una vulnerabilidad que permite a usuarios con privilegios bajos ejecutar código malicioso durante la instalación y desinstalación.

06 Feb 2024, 08:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-02-06 08:15

Updated : 2024-02-12 21:37

NVD link : CVE-2023-32451

Mitre link : CVE-2023-32451

CVE.ORG link : CVE-2023-32451

JSON object : View

Products Affected

dell

display_manager

CWE

CWE-269

Improper Privilege Management

CWE-272

Least Privilege Violation

7.8 /10