cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-32479,https://securityvulnerability.io/vulnerability/CVE-2023-32479,Privilege Escalation Vulnerability in Dell Encryption,"A privilege escalation vulnerability exists in specific versions of Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server. This issue arises from improper access control list (ACL) configurations within the non-default installation directory of these products. A local attacker with malicious intent could exploit this vulnerability by replacing binaries in the affected directory. Such an exploit could lead to a reverse shell on the system, allowing the attacker to gain elevated privileges and perform unauthorized actions.",Dell,"Dell Encryption,Dell Endpoint Security Suite Enterprise,Dell Security Management Server (windows)",6.7,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-02-06T08:09:30.931Z,0
CVE-2023-39246,https://securityvulnerability.io/vulnerability/CVE-2023-39246,Insecure Operation Vulnerability in Dell Encryption Products,"Dell Encryption and its related products, such as Dell Endpoint Security Suite Enterprise and Dell Security Management Server, are impacted by a vulnerability during the installation process. This flaw allows a local malicious user to exploit insecure operations on Windows Junctions, potentially creating arbitrary folders within restricted directories. Such an exploit could lead to privilege escalation, enabling unauthorized access and manipulation of system resources.",Dell,"Dell Encryption, Dell Endpoint Security Suite Enterprise, Dell Security Management Server (Windows)",7.3,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2023-11-16T09:15:00.000Z,0
CVE-2020-5385,https://securityvulnerability.io/vulnerability/CVE-2020-5385,,Dell Encryption versions prior to 10.8 and Dell Endpoint Security Suite versions prior to 2.8 contain a privilege escalation vulnerability because of an incomplete fix for CVE-2020-5358. A local malicious user with low privileges could potentially exploit this vulnerability to gain elevated privilege on the affected system with the help of a symbolic link.,Dell,Dell Encryption Enterprise,6.7,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2020-08-18T00:00:00.000Z,0
CVE-2020-5358,https://securityvulnerability.io/vulnerability/CVE-2020-5358,,Dell Encryption versions prior to 10.7 and Dell Endpoint Security Suite versions prior to 2.7 contain a privilege escalation vulnerability due to incorrect permissions. A local malicious user with low privileges could potentially exploit this vulnerability to gain elevated privilege on the affected system with the help of a symbolic link.,Dell,Dell Encryption Enterprise,6.7,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2020-06-15T21:15:00.000Z,0
CVE-2020-5327,https://securityvulnerability.io/vulnerability/CVE-2020-5327,,"Dell Security Management Server versions prior to 10.2.10 contain a Java RMI Deserialization of Untrusted Data vulnerability. When the server is exposed to the internet and Windows Firewall is disabled, a remote unauthenticated attacker may exploit this vulnerability by sending a crafted RMI request to execute arbitrary code on the target host.",Dell,Dell Encryption Enterprise,8.1,HIGH,0.005609999876469374,false,,false,false,false,,,false,false,,2020-03-06T21:15:00.000Z,0
CVE-2019-3745,https://securityvulnerability.io/vulnerability/CVE-2019-3745,,"The vulnerability is limited to the installers of Dell Encryption Enterprise versions prior to 10.4.0 and Dell Endpoint Security Suite Enterprise versions prior to 2.4.0. This issue is exploitable only during the installation of the product by an administrator. A local authenticated low privileged user potentially could exploit this vulnerability by staging a malicious DLL in the search path of the installer prior to its execution by a local administrator. This would cause loading of the malicious DLL, which would allow the attacker to execute arbitrary code in the context of an administrator.",Dell,"Dell Encryption Enterprise,Dell Endpoint Security Suite Enterprise",6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2019-10-07T19:15:00.000Z,0
CVE-2018-15773,https://securityvulnerability.io/vulnerability/CVE-2018-15773,Dell Encryption Enterprise \ Dell Data Protection Encryption Information Disclosure Vulnerability,Dell Encryption (formerly Dell Data Protection | Encryption) v10.1.0 and earlier contain an information disclosure vulnerability. A malicious user with physical access to the machine could potentially exploit this vulnerability to access the unencrypted RegBack folder that contains back-ups of sensitive system files.,Dell,Dell Encryption (formerly Dell Data Protection | Encryption),4.3,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2018-12-05T18:29:00.000Z,0