Impact
Medium
Details
Proprietary Code CVE(s) |
Description |
CVSS Base Score |
CVSS Vector String |
CVE-2023-43089 |
Dell Rugged Control Center, version prior to 4.7, contains insufficient protection for the Policy folder. A local malicious standard user could potentially exploit this vulnerability to modify the content of the policy file, leading to unauthorized access to resources. |
4.4 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L |
Proprietary Code CVE(s) |
Description |
CVSS Base Score |
CVSS Vector String |
CVE-2023-43089 |
Dell Rugged Control Center, version prior to 4.7, contains insufficient protection for the Policy folder. A local malicious standard user could potentially exploit this vulnerability to modify the content of the policy file, leading to unauthorized access to resources. |
4.4 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L |
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.
Workarounds & Mitigations
Dell Rugged Control Center UI would provide an SHA-256 hash of the Policy File to the administrator, which can be used to cross-verify the legitimacy of the policy file after transfer.
Revision History
Revision | Date | Description |
---|
1.0 | 2023-11-30 | Initial Release |
Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide
Affected Products
Rugged Control Center