CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-39246

Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server version prior to 11.8.1 contain an Insecure Operation on Windows Junction Vulnerability during installation. A local malicious user could potentially exploit this vulnerability to create an arbitrary folder inside a restricted directory, leading to Privilege Escalation

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 4.3%

CVSS Severity

CVSS v3 Score 4.6

References

Products affected by CVE-2023-39246

Dell » Encryption » Version: N/A

cpe:2.3:a:dell:encryption:-
Dell » Encryption » Version: 10.4.0

cpe:2.3:a:dell:encryption:10.4.0
Dell » Encryption » Version: 10.8

cpe:2.3:a:dell:encryption:10.8
Dell » Endpoint Security Suite Enterprise » Version: 2.0.1

cpe:2.3:a:dell:endpoint_security_suite_enterprise:2.0.1
Dell » Endpoint Security Suite Enterprise » Version: 2.4.0

cpe:2.3:a:dell:endpoint_security_suite_enterprise:2.4.0
Dell » Endpoint Security Suite Enterprise » Version: 2.7

cpe:2.3:a:dell:endpoint_security_suite_enterprise:2.7
Dell » Endpoint Security Suite Enterprise » Version: 2.8

cpe:2.3:a:dell:endpoint_security_suite_enterprise:2.8
Dell » Security Management Server » Version: 10.2.0

cpe:2.3:a:dell:security_management_server:10.2.0
Microsoft » Windows » Version: N/A

cpe:2.3:o:microsoft:windows:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-39246

Products

Pricing

Contact Us