Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Hybrid_client
(Dell)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 10 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-04-30 | CVE-2021-21534 | Dell Hybrid Client versions prior to 1.5 contain an information exposure vulnerability. A local unauthenticated attacker may exploit this vulnerability in order to gain access to sensitive information via the local API. | Hybrid_client | 3.3 | ||
| 2021-04-30 | CVE-2021-21535 | Dell Hybrid Client versions prior to 1.5 contain a missing authentication for a critical function vulnerability. A local unauthenticated attacker may exploit this vulnerability in order to gain root level access to the system. | Hybrid_client | 7.8 | ||
| 2021-04-30 | CVE-2021-21536 | Dell Hybrid Client versions prior to 1.5 contain an information exposure vulnerability. A local unauthenticated attacker may exploit this vulnerability in order to register the client to a server in order to view sensitive information. | Hybrid_client | 5.5 | ||
| 2021-04-30 | CVE-2021-21537 | Dell Hybrid Client versions prior to 1.5 contain an information exposure vulnerability. A local unauthenticated attacker may exploit this vulnerability in order to view and exfiltrate sensitive information on the system. | Hybrid_client | 5.5 | ||
| 2022-09-30 | CVE-2022-34428 | Dell Hybrid Client prior to version 1.8 contains a Regular Expression Denial of Service Vulnerability in the UI. An adversary with WMS group admin access could potentially exploit this vulnerability, leading to temporary denial-of-service. | Hybrid_client | 2.7 | ||
| 2022-09-30 | CVE-2022-34429 | Dell Hybrid Client below 1.8 version contains a Zip Slip Vulnerability in UI. A guest privilege attacker could potentially exploit this vulnerability, leading to system files modification. | Hybrid_client | 7.1 | ||
| 2022-10-11 | CVE-2022-34432 | Dell Hybrid Client below 1.8 version contains a gedit vulnerability. A guest attacker could potentially exploit this vulnerability, allowing deletion of user and some system files and folders. | Hybrid_client | 8.2 | ||
| 2022-10-11 | CVE-2022-34430 | Dell Hybrid Client below 1.8 version contains a Zip Bomb Vulnerability in UI. A guest privilege attacker could potentially exploit this vulnerability, leading to system files modification. | Hybrid_client | 7.5 | ||
| 2022-10-11 | CVE-2022-34431 | Dell Hybrid Client below 1.8 version contains a guest user profile corruption vulnerability. A WMS privilege attacker could potentially exploit this vulnerability, leading to DHC system not being accessible. | Hybrid_client | 6.5 | ||
| 2023-07-20 | CVE-2023-32476 | Dell Hybrid Client version 2.0 contains a Sensitive Data Exposure vulnerability. An unauthenticated malicious user on the device can access hard coded secrets in javascript files. | Hybrid_client | 5.5 |