DSA-2023-271: Security Update for a Dell Encryption, Dell Endpoint Security Suite Enterprise and Dell Security Management Server Vulnerability
Sammanfattning: Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server remediation are available for an insecure operation on Windows junction vulnerability during installation that could be exploited by malicious users to compromise the affected system. ...
Den här artikeln gäller för
Den här artikeln gäller inte för
Den här artikeln är inte kopplad till någon specifik produkt.
Alla produktversioner identifieras inte i den här artikeln.
Påverkan
Medium
Information
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
|---|---|---|---|
| CVE-2023-39246 | Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server version prior to 11.8.1 contain an Insecure Operation on Windows Junction Vulnerability during installation. A local malicious user could potentially exploit this vulnerability to create an arbitrary folder inside a restricted directory, leading to Privilege Escalation | 4.6 | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:L |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
|---|---|---|---|
| CVE-2023-39246 | Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server version prior to 11.8.1 contain an Insecure Operation on Windows Junction Vulnerability during installation. A local malicious user could potentially exploit this vulnerability to create an arbitrary folder inside a restricted directory, leading to Privilege Escalation | 4.6 | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:L |
Berörda produkter och åtgärder
| Product | Software/ Firmware | Affected Versions | Remediated Version | Link |
|---|---|---|---|---|
| Dell Encryption |
SW | Versions prior to 11.8.1 | 11.8.1 or later | https://www.dell.com/support/home/en-in/product-support/product/dell-data-protection-encryption/drivers |
| Dell Endpoint Security Suite Enterprise | SW | Versions prior to 11.8.1 | 11.8.1 or later | https://www.dell.com/support/home/en-in/product-support/product/dell-dp-endpt-security-suite-enterprise/drivers |
| Dell Security Management Server (Windows) | SW | Versions prior to 11.8.1 | 11.8.1 or later | https://www.dell.com/support/home/en-in/product-support/product/dell-data-protection-encryption/drivers |
| Product | Software/ Firmware | Affected Versions | Remediated Version | Link |
|---|---|---|---|---|
| Dell Encryption |
SW | Versions prior to 11.8.1 | 11.8.1 or later | https://www.dell.com/support/home/en-in/product-support/product/dell-data-protection-encryption/drivers |
| Dell Endpoint Security Suite Enterprise | SW | Versions prior to 11.8.1 | 11.8.1 or later | https://www.dell.com/support/home/en-in/product-support/product/dell-dp-endpt-security-suite-enterprise/drivers |
| Dell Security Management Server (Windows) | SW | Versions prior to 11.8.1 | 11.8.1 or later | https://www.dell.com/support/home/en-in/product-support/product/dell-data-protection-encryption/drivers |
Revideringshistorik
| Revision | Date | Description |
|---|---|---|
| 1.0 | 2023-11-14 | Initial Release |
Relaterad information
Juridisk friskrivning
Berörda produkter
Dell Encryption, Dell Endpoint Security Suite EnterpriseArtikelegenskaper
Artikelnummer: 000217572
Artikeltyp: Dell Security Advisory
Senast ändrad: 14 nov. 2023
Få svar på dina frågor från andra Dell-användare
Supporttjänster
Kontrollera om din enhet omfattas av supporttjänster.