CVE-2024-28963

Published: Apr 24, 2024Modified: Feb 4, 2025

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

Telemetry Dashboard v1.0.0.7 for Dell ThinOS 2402 contains a sensitive information disclosure vulnerability. An unauthenticated user with local access to the device could exploit this vulnerability to read sensitive proxy settings information.

Affected (1)

Products: Dell: Telemetry Dashboard

Dell

1 product

Telemetry Dashboard

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dell Telemetry Dashboard	Version 1.0.0.7

Running on/with	Platform Versions
Dell Thinos	Version 2402

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (2)

https://www.dell.com/support/kbdoc/en-us/000224317/dsa-2024-170

Source: security_alert@emc.com

Vendor Advisory

https://www.dell.com/support/kbdoc/en-us/000224317/dsa-2024-170

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.