CVE-2023-23697

LOW Year: 2023
CVSS v3 Score
3.3
Low
Weakness Type
CWE-1386
View all →

Vulnerability Description

Dell Command | Intel vPro Out of Band, versions before 4.4.0, contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion.

Related Vulnerabilities

CVE-2023-24572

LOW
CVSS:3.3(Low)

Dell Command | Integration Suite for System Center, versions before 6.4.0 contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially...

CWE-13862023

CVE-2023-5834

HIGH
CVSS:7.8(High)

HashiCorp Vagrant's Windows installer targeted a custom location with a non-protected path that could be junctioned, introducing potential for unauthorized file system writes. Fixed in Vagrant 2.4.0.

CWE-13862023

CVE-2023-28065

HIGH
CVSS:7.3(High)

Dell Command | Update, Dell Update, and Alienware Update versions 4.8.0 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentiall...

CWE-13862023

CVE-2023-23698

HIGH
CVSS:7.1(High)

Dell Command | Update, Dell Update, and Alienware Update versions before 4.6.0 and 4.7.1 contain Insecure Operation on Windows Junction in the installer component. A local malicious user may potential...

CWE-13862023

CVE-2023-28071

HIGH
CVSS:7.1(High)

Dell Command | Update, Dell Update, and Alienware Update versions 4.9.0, A01 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could poten...

CWE-13862023

CVE-2023-32454

HIGH
CVSS:7.1(High)

DUP framework version 4.9.4.36 and prior contains insecure operation on Windows junction/Mount point vulnerability. A local malicious standard user could exploit the vulnerability to create arbitrary ...

CWE-13862023