Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-32479 | 2 Dell, Microsoft | 4 Encryption, Endpoint Security Suite Enterprise, Security Management Server and 1 more | 2024-02-13 | N/A | 7.8 HIGH |
| Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server versions prior to 11.9.0 contain privilege escalation vulnerability due to improper ACL of the non-default installation directory. A local malicious user could potentially exploit this vulnerability by replacing binaries in installed directory and taking reverse shell of the system leading to Privilege Escalation. | |||||
| CVE-2023-39246 | 2 Dell, Microsoft | 4 Encryption, Endpoint Security Suite Enterprise, Security Management Server and 1 more | 2023-12-10 | N/A | 7.3 HIGH |
| Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server version prior to 11.8.1 contain an Insecure Operation on Windows Junction Vulnerability during installation. A local malicious user could potentially exploit this vulnerability to create an arbitrary folder inside a restricted directory, leading to Privilege Escalation | |||||
| CVE-2020-5327 | 1 Dell | 1 Security Management Server | 2023-12-10 | 9.3 HIGH | 9.8 CRITICAL |
| Dell Security Management Server versions prior to 10.2.10 contain a Java RMI Deserialization of Untrusted Data vulnerability. When the server is exposed to the internet and Windows Firewall is disabled, a remote unauthenticated attacker may exploit this vulnerability by sending a crafted RMI request to execute arbitrary code on the target host. | |||||