CVE Record: CVE-2024-52542

Required CVE Record Information

Description

Dell AppSync, version 4.6.0.x, contain a Symbolic Link (Symlink) Following vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to information tampering.

CWE 1 Total

Learn more

CWE-61: CWE-61: UNIX Symbolic Link (Symlink) Following

CVSS 1 Total

Learn more

Score	Severity	Version	Vector String
4.4	MEDIUM	3.1	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

Product Status

Learn more

Versions 1 Total

Default Status: unaffected

affected

Credits

Dell Technologies would like to thank Ouallaout Noureddine for reporting this issue. finder

References 1 Total

https://www.dell.com/support/kbdoc/en-us/000261039/dsa-2024-496-security-update-for-dell-appsync-vulnerabilities
external site
vendor-advisory

Authorized Data Publishers

Learn more

Common vulnerabilities and Exposures (CVE)

Required CVE Record Information

CNA: Dell EMC

Description

CWE 1 Total

CVSS 1 Total

Product Status

Credits

References 1 Total

Authorized Data Publishers

CISA-ADP