6.6
CVSSv2

CVE-2019-18575

Published: 06/12/2019 Updated: 16/12/2019
CVSS v2 Base Score: 6.6 | Impact Score: 9.2 | Exploitability Score: 3.9
Vector: AV:L/AC:L/Au:N/C:N/I:C/A:C

Vulnerability Summary

Dell Command Configure versions before 4.2.1 contain an uncontrolled search path vulnerability. A locally authenticated malicious user could exploit this vulnerability by creating a symlink to a target file, allowing the malicious user to overwrite or corrupt a specified file on the system.

Vulnerability Trend

Affected Products

Vendor Product Versions
DellCommand|configure3.0, 3.1, 3.1.2, 3.2, 3.3, 4.0, 4.1