CVE-2019-3719 · CVEKit

cve.orgen

358 chars

Dell SupportAssist Client versions prior to 3.2.0.90 contain a remote code execution vulnerability. An unauthenticated attacker, sharing the network access layer with the vulnerable system, can compromise the vulnerable system by tricking a victim user into downloading and executing arbitrary executables via SupportAssist client from attacker hosted sites.

NVDen

358 chars

Dell SupportAssist Client versions prior to 3.2.0.90 contain a remote code execution vulnerability. An unauthenticated attacker, sharing the network access layer with the vulnerable system, can compromise the vulnerable system by tricking a victim user into downloading and executing arbitrary executables via SupportAssist client from attacker hosted sites.

NVDes

433 chars

Las versiones de Dell SupportAssist Client anteriores a la versión 3.2.0.90 contienen una vulnerabilidad de ejecución de código remota. Un atacante no identificado, que comparte la capa de acceso a la red con el sistema vulnerable, puede comprometer al sistema vulnerable engañando a un usuario víctima para que descargue y active ejecutables arbitrarios por medio del cliente SupportAssist desde los sitios alojados por el atacante.

CVSS metrics across sources

4

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	7.9	5.5	10.0	AV:A/AC:M/Au:N/C:C/I:C/A:C
3.0	Primary	cve.org	7.1	—	—	CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H