DSA-2023-258: Dell Hybrid Client Update for a Hard Coded Secret Vulnerability
Summary: Dell Hybrid Client remediation is available for a Hard Coded Secret vulnerability that could be exploited by malicious users to compromise the affected system.
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Impact
Medium
Details
| Proprietary Code CVE(s) | Description | CVSS Base Score | CVSS Vector StrinG |
|---|---|---|---|
| CVE-2023-32476 | Dell Hybrid Client version 2.0 contains a Sensitive Data Exposure vulnerability. An unauthenticated malicious user on the device can access hard coded secrets in javascript files. | 6.4 | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H |
| Proprietary Code CVE(s) | Description | CVSS Base Score | CVSS Vector StrinG |
|---|---|---|---|
| CVE-2023-32476 | Dell Hybrid Client version 2.0 contains a Sensitive Data Exposure vulnerability. An unauthenticated malicious user on the device can access hard coded secrets in javascript files. | 6.4 | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H |
Affected Products & Remediation
| Products | Affected Versions | Updated Versions | Link to Update |
|---|---|---|---|
Dell Hybrid Client |
2.0 | 2.5 | Dell Hybrid Client |
| Products | Affected Versions | Updated Versions | Link to Update |
|---|---|---|---|
Dell Hybrid Client |
2.0 | 2.5 | Dell Hybrid Client |
Revision History
| Revision | Date | Description |
|---|---|---|
| 1.0 | 2023-07-18 | Initial Release |
Related Information
Legal Disclaimer
Affected Products
Dell Hybrid ClientArticle Properties
Article Number: 000215862
Article Type: Dell Security Advisory
Last Modified: 18 Jul 2023
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.