Dell CM <10.9 Local Auth Privileged Folder Delete
CVE-2023-28049 Published on February 6, 2024
Dell Command | Monitor, versions prior to 10.9, contain an arbitrary folder deletion vulnerability. A locally authenticated malicious user may exploit this vulnerability in order to perform a privileged arbitrary file delete.
Vulnerability Analysis
CVE-2023-28049 can be exploited with local system access, and requires small amount of user privileges. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.
Weakness Type
Privilege Defined With Unsafe Actions
A particular privilege, role, capability, or right can be used to perform unsafe actions that were not intended, even when it is assigned to the correct entity.
Products Associated with CVE-2023-28049
Want to know whenever a new CVE is published for Dell Command Monitor? stack.watch will email you.
Affected Versions
Dell Command Monitor (DCM):- Before and including 10.9 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.