CVE-2018-15773

Published: Dec 5, 2018Modified: Nov 21, 2024

4.3

Vector

CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 0.7 / Impact: 3.6

Source: NVD

Description

Dell Encryption (formerly Dell Data Protection | Encryption) v10.1.0 and earlier contain an information disclosure vulnerability. A malicious user with physical access to the machine could potentially exploit this vulnerability to access the unencrypted RegBack folder that contains back-ups of sensitive system files.

Affected (1)

Products: Dell: Data Protection | Encryption

1 product

Data Protection | Encryption

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Dell Data Protection \| Encryption	Up to 10.1.0

Related CWEs

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (2)

https://www.dell.com/support/article/us/en/04/sln314963/dell-encryption-enterprise-dell-data-protection-encryption-information-disclosure-vulnerability?lang=en

Source: security_alert@emc.com

PatchVendor Advisory

https://www.dell.com/support/article/us/en/04/sln314963/dell-encryption-enterprise-dell-data-protection-encryption-information-disclosure-vulnerability?lang=en

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.