CVE-2023-25543

Dell Power Manager, versions prior to 3.14, contain an Improper Authorization vulnerability in DPM service. A low privileged malicious user could potentially exploit this vulnerability in order to elevate privileges on the system.
Configurations

Configuration 1 (hide)

cpe:2.3:a:dell:power_manager:*:*:*:*:*:*:*:*

History

21 Nov 2024, 07:49

Type Values Removed Values Added
References () https://www.dell.com/support/kbdoc/en-us/000209464/dsa-2023-075 - Patch, Vendor Advisory () https://www.dell.com/support/kbdoc/en-us/000209464/dsa-2023-075 - Patch, Vendor Advisory

12 Feb 2024, 17:12

Type Values Removed Values Added
CPE cpe:2.3:a:dell:power_manager:*:*:*:*:*:*:*:*
First Time Dell
Dell power Manager
CWE CWE-755
References () https://www.dell.com/support/kbdoc/en-us/000209464/dsa-2023-075 - () https://www.dell.com/support/kbdoc/en-us/000209464/dsa-2023-075 - Patch, Vendor Advisory

06 Feb 2024, 13:53

Type Values Removed Values Added
Summary
  • (es) Dell Power Manager, versiones anteriores a la 3.14, contienen una vulnerabilidad de autorización incorrecta en el servicio DPM. Un usuario malintencionado con pocos privilegios podría explotar esta vulnerabilidad para elevar los privilegios en el sistema.

06 Feb 2024, 07:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-02-06 07:15

Updated : 2024-11-21 07:49


NVD link : CVE-2023-25543

Mitre link : CVE-2023-25543

CVE.ORG link : CVE-2023-25543


JSON object : View

Products Affected

dell

  • power_manager
CWE
CWE-280

Improper Handling of Insufficient Permissions or Privileges

CWE-755

Improper Handling of Exceptional Conditions