Skip to main content
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
Some article numbers may have changed. If this isn't what you're looking for, try searching all articles. Search articles

DSA-2023-258: Dell Hybrid Client Update for a Hard Coded Secret Vulnerability

Summary: Dell Hybrid Client remediation is available for a Hard Coded Secret vulnerability that could be exploited by malicious users to compromise the affected system.

This article applies to   This article does not apply to 

Impact

Medium

Details

Proprietary Code CVE(s) Description CVSS Base Score CVSS Vector StrinG
CVE-2023-32476 Dell Hybrid Client version 2.0 contains a Sensitive Data Exposure vulnerability. An unauthenticated malicious user on the device can access hard coded secrets in javascript files. 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Proprietary Code CVE(s) Description CVSS Base Score CVSS Vector StrinG
CVE-2023-32476 Dell Hybrid Client version 2.0 contains a Sensitive Data Exposure vulnerability. An unauthenticated malicious user on the device can access hard coded secrets in javascript files. 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

Products Affected Versions Updated Versions Link to Update

Dell Hybrid Client
 
2.0 2.5 Dell Hybrid Client
Products Affected Versions Updated Versions Link to Update

Dell Hybrid Client
 
2.0 2.5 Dell Hybrid Client

Revision History

RevisionDateDescription
1.02023-07-18Initial Release

Related Information

Affected Products

Dell Hybrid Client