DSA-2023-258: Dell Hybrid Client Update for a Hard Coded Secret Vulnerability
摘要: Dell Hybrid Client remediation is available for a Hard Coded Secret vulnerability that could be exploited by malicious users to compromise the affected system.
本文适用于
本文不适用于
本文并非针对某种特定的产品。
本文并非包含所有产品版本。
影响
Medium
详情
| Proprietary Code CVE(s) | Description | CVSS Base Score | CVSS Vector StrinG |
|---|---|---|---|
| CVE-2023-32476 | Dell Hybrid Client version 2.0 contains a Sensitive Data Exposure vulnerability. An unauthenticated malicious user on the device can access hard coded secrets in javascript files. | 6.4 | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H |
| Proprietary Code CVE(s) | Description | CVSS Base Score | CVSS Vector StrinG |
|---|---|---|---|
| CVE-2023-32476 | Dell Hybrid Client version 2.0 contains a Sensitive Data Exposure vulnerability. An unauthenticated malicious user on the device can access hard coded secrets in javascript files. | 6.4 | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H |
受影响的产品和补救措施
| Products | Affected Versions | Updated Versions | Link to Update |
|---|---|---|---|
Dell Hybrid Client |
2.0 | 2.5 | Dell Hybrid Client |
| Products | Affected Versions | Updated Versions | Link to Update |
|---|---|---|---|
Dell Hybrid Client |
2.0 | 2.5 | Dell Hybrid Client |
修订历史记录
| Revision | Date | Description |
|---|---|---|
| 1.0 | 2023-07-18 | Initial Release |
相关信息
法律免责声明
受影响的产品
Dell Hybrid Client文章属性
文章编号: 000215862
文章类型: Dell Security Advisory
上次修改时间: 18 7月 2023
从其他戴尔用户那里查找问题的答案
支持服务
检查您的设备是否在支持服务涵盖的范围内。