CVE Vulnerabilities

CVE-2022-34388

Cleartext Storage of Sensitive Information in Executable

Published: Feb 11, 2023 | Modified: Nov 21, 2024
CVSS 3.x
7.1
HIGH
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

Dell SupportAssist for Home PCs (version 3.11.4 and prior) and  SupportAssist for Business PCs (version 3.2.0 and prior) contain information disclosure vulnerability. A local malicious user with low privileges could exploit this vulnerability to view and modify sensitive information in the database of the affected application.

Weakness

The product stores sensitive information in cleartext in an executable.

Affected Software

Name Vendor Start Version End Version
Supportassist_for_business_pcs Dell * 3.2.0 (including)
Supportassist_for_home_pcs Dell * 3.11.4 (including)

References