Published: 06/12/2019 Updated: 16/12/2019
CVSS v2 Base Score: 6.6 | Impact Score: 9.2 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.1 | Impact Score: 5.2 | Exploitability Score: 1.8
Vector: AV:L/AC:L/Au:N/C:N/I:C/A:C

Vulnerability Summary

Dell Command Configure versions before 4.2.1 contain an uncontrolled search path vulnerability. A locally authenticated malicious user could exploit this vulnerability by creating a symlink to a target file, allowing the malicious user to overwrite or corrupt a specified file on the system.

Vulnerability Trend