CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-25957

Dell Grab for Windows, versions 5.0.4 and below, contains a cleartext storage of sensitive information vulnerability in its appsync module. An authenticated local attacker could potentially exploit this vulnerability, leading to information disclosure that could be used to access the appsync application with elevated privileges.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 13.4%

CVSS Severity

CVSS v3 Score 4.8

References

https://www.dell.com/support/kbdoc/en-us/000223508/dsa-2024-121-security-update-for-grab-for-windows-vulnerabilities
https://www.dell.com/support/kbdoc/en-us/000223508/dsa-2024-121-security-update-for-grab-for-windows-vulnerabilities

Products affected by CVE-2024-25957

Dell » Grab » Version: Any

cpe:2.3:a:dell:grab:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-25957

Products

Pricing

Contact Us