Vulnerability Details CVE-2023-43086
Dell Command | Configure, versions prior to 4.11.0, contains an improper access control vulnerability. A local malicious user could potentially modify files inside installation folder during application upgrade, leading to privilege escalation.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 6.7%
CVSS Severity
CVSS v3 Score 7.3
References
Products affected by CVE-2023-43086
-
cpe:2.3:a:dell:command|configure:3.0
-
cpe:2.3:a:dell:command|configure:3.1
-
cpe:2.3:a:dell:command|configure:3.1.2
-
cpe:2.3:a:dell:command|configure:3.2
-
cpe:2.3:a:dell:command|configure:3.3
-
cpe:2.3:a:dell:command|configure:4.0
-
cpe:2.3:a:dell:command|configure:4.1
-
cpe:2.3:a:dell:command|configure:4.2.1