This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Dell First view 2019-04-18
Product Supportassist Last view 2019-04-18
Version - Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:dell:supportassist

Activity : Overall

Related : CVE

  Date Alert Description
8 2019-04-18 CVE-2019-3719

Dell SupportAssist Client versions prior to 3.2.0.90 contain a remote code execution vulnerability. An unauthenticated attacker, sharing the network access layer with the vulnerable system, can compromise the vulnerable system by tricking a victim user into downloading and executing arbitrary executables via SupportAssist client from attacker hosted sites.

8.8 2019-04-18 CVE-2019-3718

Dell SupportAssist Client versions prior to 3.2.0.90 contain an improper origin validation vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability to attempt CSRF attacks on users of the impacted systems.

CWE : Common Weakness Enumeration

%idName
50% (1) CWE-352 Cross-Site Request Forgery (CSRF)
50% (1) CWE-20 Improper Input Validation