Article Number: 000222015
Medium
Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
---|---|---|---|
CVE-2024-22455 | Dell E-Lab Navigator, [3.1.9, 3.2.0], contains an Insecure Direct Object Reference Vulnerability in Feedback submission. An attacker could potentially exploit this vulnerability, to manipulate the email's appearance, potentially deceiving recipients and causing reputational and security risks. | 4.4 | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N |
Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
---|---|---|---|
CVE-2024-22455 | Dell E-Lab Navigator, [3.1.9, 3.2.0], contains an Insecure Direct Object Reference Vulnerability in Feedback submission. An attacker could potentially exploit this vulnerability, to manipulate the email's appearance, potentially deceiving recipients and causing reputational and security risks. | 4.4 | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N |
CVEs Addressed | Product | Affected Versions | Remediated Versions | Link |
---|---|---|---|---|
CVE-2024-22455 | Mobility - E-Lab Navigator | Versions 3.1.9 and 3.2.0 | Version 3.3.3 | https://play.google.com/store/apps/details?id=com.emc.mobileapps.elabnavigator&pcampaignid=web_share |
CVEs Addressed | Product | Affected Versions | Remediated Versions | Link |
---|---|---|---|---|
CVE-2024-22455 | Mobility - E-Lab Navigator | Versions 3.1.9 and 3.2.0 | Version 3.3.3 | https://play.google.com/store/apps/details?id=com.emc.mobileapps.elabnavigator&pcampaignid=web_share |
None
Dell Technologies would like to thank iow1n3r for reporting this issue.
Revision | Date | Description |
1.0 | 2024-02-12 | Initial Release |
E-Lab Navigator - Mobile
12 Feb 2024
1
Dell Security Advisory