Details of VAR-202407-1822

ID

VAR-202407-1822

CVE

CVE-2024-38301

TITLE

Dell's Alienware Command Center Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2024-005322

DESCRIPTION

Dell Alienware Command Center, version 5.7.3.0 and prior, contains an improper access control vulnerability. A low privileged attacker could potentially exploit this vulnerability, leading to denial of service on the local system and information disclosure. Dell's Alienware Command Center Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.62

sources: NVD: CVE-2024-38301 // JVNDB: JVNDB-2024-005322

AFFECTED PRODUCTS

vendor:	dell	model:	alienware command center	scope:	gte	version:	5.0	Trust: 1.0
vendor:	dell	model:	alienware command center	scope:	lte	version:	5.7.3.0	Trust: 1.0
vendor:	デル	model:	alienware command center	scope:	eq	version:	5.0 to 5.7.3.0	Trust: 0.8
vendor:	デル	model:	alienware command center	scope:	eq	version:	-	Trust: 0.8
vendor:	デル	model:	alienware command center	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2024-005322 // NVD: CVE-2024-38301

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2024-38301
value:	HIGH
Trust: 1.0
security_alert@emc.com:	CVE-2024-38301
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2024-38301
value:	HIGH
Trust: 0.8

nvd@nist.gov:	CVE-2024-38301
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0
security_alert@emc.com:	CVE-2024-38301
baseSeverity:	MEDIUM
baseScore:	6.7
vectorString:	CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	HIGH
privilegesRequired:	LOW
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	0.8
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2024-38301
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2024-005322 // NVD: CVE-2024-38301 // NVD: CVE-2024-38301

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	CWE-1107	Trust: 1.0
problemtype:	Lack of information (CWE-noinfo) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2024-005322 // NVD: CVE-2024-38301

EXTERNAL IDS

db:	NVD	id:	CVE-2024-38301	Trust: 2.6
db:	JVNDB	id:	JVNDB-2024-005322	Trust: 0.8

sources: JVNDB: JVNDB-2024-005322 // NVD: CVE-2024-38301

REFERENCES

url:	https://www.dell.com/support/kbdoc/en-us/000225774/dsa-2024-258	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2024-38301	Trust: 0.8

sources: JVNDB: JVNDB-2024-005322 // NVD: CVE-2024-38301

SOURCES

db:	JVNDB	id:	JVNDB-2024-005322
db:	NVD	id:	CVE-2024-38301

LAST UPDATE DATE

2024-08-17T22:52:16.994000+00:00

SOURCES UPDATE DATE

db:	JVNDB	id:	JVNDB-2024-005322	date:	2024-08-15T02:03:00
db:	NVD	id:	CVE-2024-38301	date:	2024-08-08T17:01:45.347

SOURCES RELEASE DATE

db:	JVNDB	id:	JVNDB-2024-005322	date:	2024-08-15T00:00:00
db:	NVD	id:	CVE-2024-38301	date:	2024-07-10T03:15:02.447