Vulnerability DatabaseCVE-2023-24572

CVE-2023-24572:
Dell Command | Integration Suite for System Center vulnerability analysis and mitigation

Overview

Dell Command | Integration Suite for System Center, versions prior to 6.4.0, contains an arbitrary folder delete vulnerability during uninstallation (CVE-2023-24572). The vulnerability was disclosed on February 7, 2023, and affects the software's uninstallation process (Dell Advisory).

Technical details

The vulnerability is classified with a CVSS v3.1 base score metrics of AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H, indicating local access required, high attack complexity, low privileges required, no user interaction needed, and high impact on availability (NVD).

Impact

If exploited, this vulnerability allows a locally authenticated malicious user to perform arbitrary folder deletion during the uninstallation process of the software. The impact is primarily focused on system availability, with no direct effect on confidentiality or integrity (Dell Advisory).

Mitigation and workarounds

Dell has released version 6.4.0 of Dell Command | Integration Suite for System Center to address this vulnerability. Users are advised to upgrade to this version to mitigate the risk (Dell Advisory).

Additional resources

Source: This report was generated using AI

Related Dell Command | Integration Suite for System Center vulnerabilities:

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2022-34373	HIGH	7.8	Dell Command \| Integration Suite for System Center	cpe:2.3:a:dell:command_\\|_integration_suite_for_system_center	No	Yes	Aug 31, 2022
CVE-2023-24572	LOW	3.3	Dell Command \| Integration Suite for System Center	cpe:2.3:a:dell:command_\\|_integration_suite_for_system_center	No	Yes	Feb 13, 2023

Free Vulnerability Assessment

Benchmark your Cloud Security Posture

Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.

Request assessment

Additional Wiz resources

Cloud Vulnerability DB

A community-led vulnerabilities database

Cloud Threat Landscape

A threat intelligence database

PEACH

A tenant isolation framework

Get a personalized demo

Ready to see Wiz in action?

"Best User Experience I have ever seen, provides full visibility to cloud workloads."

David EstlickCISO

"Wiz provides a single pane of glass to see what is going on in our cloud environments."

Adam FletcherChief Security Officer

"We know that if Wiz identifies something as critical, it actually is."

Greg PoniatowskiHead of Threat and Vulnerability Management

Get a demo

CVE-2023-24572: Dell Command | Integration Suite for System Center vulnerability analysis and mitigation