DSA-2024-496 : Security Update for Dell AppSync Vulnerabilities
Résumé: Dell AppSync remediation is available for a security vulnerability that could be exploited by malicious users to compromise the affected system.
Impact
Medium
Détails
|
Proprietary Code CVEs |
Description |
CVSS Base Score |
CVSS Vector String |
|
CVE-2024-52542 |
Dell AppSync, version 4.6.0.x, contain a Symbolic Link (Symlink) Following vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to information tampering. |
4.4 |
|
Proprietary Code CVEs |
Description |
CVSS Base Score |
CVSS Vector String |
|
CVE-2024-52542 |
Dell AppSync, version 4.6.0.x, contain a Symbolic Link (Symlink) Following vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to information tampering. |
4.4 |
Produits concernés et mesure corrective
|
CVEs Addressed |
Product |
Affected Versions |
Remediated Versions |
Link |
|
CVE-2024-52542 |
Dell AppSync |
Version 4.6.0.x |
Version AppSync patch 4.6.0.3 CVE-2024-52542 R1 or later |
https://dl.dell.com/downloads/VV2R6_AppSync-patch-4.6.0.3-CVE-2024-52542-R1.zip |
|
CVEs Addressed |
Product |
Affected Versions |
Remediated Versions |
Link |
|
CVE-2024-52542 |
Dell AppSync |
Version 4.6.0.x |
Version AppSync patch 4.6.0.3 CVE-2024-52542 R1 or later |
https://dl.dell.com/downloads/VV2R6_AppSync-patch-4.6.0.3-CVE-2024-52542-R1.zip |
Dell recommends that you always upgrade to the latest release/version for your product.
Historique des révisions
|
Revision |
Date |
Description |
|
1.0 |
2024-12-17 |
Initial Release |
Remerciements
Dell Technologies would like to thank Ouallaout Noureddine for reporting this issue.