Incorrect default permissions vulnerability in Dell Digital Delivery versions prior to 3.5.2015

[vc_row][vc_column][vc_column_text]

Overview :
Dell Digital Delivery versions prior to 3.5.2015 contain an incorrect default permissions vulnerability. A locally authenticated low-privileged malicious user could exploit this vulnerability to run an arbitrary executable with administrative privileges on the affected system.
Affected Product(s) :
Dell Digital Delivery versions prior to 3.5.2015

Alienware Digital Delivery versions prior to 3.5.2015

Vulnerability Details :
CVE ID :

CVE-2020-5342

Solution :

The following Dell/Alienware Digital Delivery releases contain a resolution to these vulnerabilities:

  • Dell Digital Delivery versions 3.5.2015 and later
  • Alienware Digital Delivery versions 3.5.2015 and later

Dell recommends all customers upgrade at the earliest opportunity.

Please visit the Dell Support Drivers and Downloads site for updates on the applicable products.

 

[/vc_column_text][/vc_column][/vc_row]

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2024-53490 : CLOUDFAVORITES FAVORITES-WEB 1.3.0 SECURITYFILTER.JAVA PATH TRAVERSAL

CVE-2024-53490 : CLOUDFAVORITES FAVORITES-WEB 1.3.0 SECURITYFILTER.JAVA PATH TRAVERSAL

Description Favorites-web 1.3.0 favorites-web has a directory traversal vulnerability in SecurityFilter.java. References https://github.com/DYX217/directory-traversal For More Information CVERecord

CVE-2024-54679 : CYBERPANEL RESTARTMYSQL DENIAL OF SERVICE

CVE-2024-54679 : CYBERPANEL RESTARTMYSQL DENIAL OF SERVICE

Description CyberPanel (aka Cyber Panel) before 6778ad1 does not require the FilemanagerAdmin capability for restartMySQL actions. References https://github.com/usmannasir/cyberpanel/commit/6778ad1eaae41f72365da8fd021f9a60369600dc For More

CVE-2024-38829 : VMWARE SPRING LDAP UP TO 2.4.3/3.0.9/3.1.7/3.2.7 STRING.TOLOWERCASE/STRING.TOUPPERCASE CASE SENSITIVITY

CVE-2024-38829 : VMWARE SPRING LDAP UP TO 2.4.3/3.0.9/3.1.7/3.2.7 STRING.TOLOWERCASE/STRING.TOUPPERCASE CASE SENSITIVITY

Description A vulnerability in VMware Tanzu Spring LDAP allows data exposure for case sensitive comparisons. This issue affects Spring LDAP: