DSA-2023-271: Security Update for a Dell Encryption, Dell Endpoint Security Suite Enterprise and Dell Security Management Server Vulnerability
요약: Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server remediation are available for an insecure operation on Windows junction vulnerability during installation that could be exploited by malicious users to compromise the affected system. ...
이 문서는 다음에 적용됩니다.
이 문서는 다음에 적용되지 않습니다.
이 문서는 특정 제품과 관련이 없습니다.
모든 제품 버전이 이 문서에 나와 있는 것은 아닙니다.
영향
Medium
세부 정보
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
|---|---|---|---|
| CVE-2023-39246 | Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server version prior to 11.8.1 contain an Insecure Operation on Windows Junction Vulnerability during installation. A local malicious user could potentially exploit this vulnerability to create an arbitrary folder inside a restricted directory, leading to Privilege Escalation | 4.6 | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:L |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
|---|---|---|---|
| CVE-2023-39246 | Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server version prior to 11.8.1 contain an Insecure Operation on Windows Junction Vulnerability during installation. A local malicious user could potentially exploit this vulnerability to create an arbitrary folder inside a restricted directory, leading to Privilege Escalation | 4.6 | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:L |
영향을 받는 제품 및 문제 해결
| Product | Software/ Firmware | Affected Versions | Remediated Version | Link |
|---|---|---|---|---|
| Dell Encryption |
SW | Versions prior to 11.8.1 | 11.8.1 or later | https://www.dell.com/support/home/en-in/product-support/product/dell-data-protection-encryption/drivers |
| Dell Endpoint Security Suite Enterprise | SW | Versions prior to 11.8.1 | 11.8.1 or later | https://www.dell.com/support/home/en-in/product-support/product/dell-dp-endpt-security-suite-enterprise/drivers |
| Dell Security Management Server (Windows) | SW | Versions prior to 11.8.1 | 11.8.1 or later | https://www.dell.com/support/home/en-in/product-support/product/dell-data-protection-encryption/drivers |
| Product | Software/ Firmware | Affected Versions | Remediated Version | Link |
|---|---|---|---|---|
| Dell Encryption |
SW | Versions prior to 11.8.1 | 11.8.1 or later | https://www.dell.com/support/home/en-in/product-support/product/dell-data-protection-encryption/drivers |
| Dell Endpoint Security Suite Enterprise | SW | Versions prior to 11.8.1 | 11.8.1 or later | https://www.dell.com/support/home/en-in/product-support/product/dell-dp-endpt-security-suite-enterprise/drivers |
| Dell Security Management Server (Windows) | SW | Versions prior to 11.8.1 | 11.8.1 or later | https://www.dell.com/support/home/en-in/product-support/product/dell-data-protection-encryption/drivers |
개정 내역
| Revision | Date | Description |
|---|---|---|
| 1.0 | 2023-11-14 | Initial Release |
관련 정보
법적 고지 사항
해당 제품
Dell Encryption, Dell Endpoint Security Suite Enterprise문서 속성
문서 번호: 000217572
문서 유형: Dell Security Advisory
마지막 수정 시간: 14 11월 2023
다른 Dell 사용자에게 질문에 대한 답변 찾기
지원 서비스
디바이스에 지원 서비스가 적용되는지 확인하십시오.