Repository Manager
Monthly
Dell Repository Manager versions before 3.4.8 suffer from an uncontrolled search path vulnerability that allows local attackers with low privileges to execute arbitrary code and escalate their access. An attacker with local system access and user interaction can exploit improper path handling to inject malicious code into the application's execution flow. A patch is available to remediate this HIGH severity issue affecting the repository management functionality.
Dell Repository Manager (DRM), versions 3.4.7 and 3.4.8, contains an Improper Handling of Insufficient Permissions or Privileges vulnerability. Rated high severity (CVSS 7.5). No vendor patch available.
Dell Repository Manager, versions 3.4.2 through 3.4.4,contains a Path Traversal vulnerability in logger module. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Dell Repository Manager, versions prior to 3.4.5, contains a Path Traversal vulnerability in API module. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Dell Repository Manager, 3.4.3 and prior, contains an Improper Access Control vulnerability in its installation module. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Dell Repository Manager, 3.4.3 and prior, contains an Improper Access Control vulnerability in its installation module. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Dell Repository Manager versions before 3.4.8 suffer from an uncontrolled search path vulnerability that allows local attackers with low privileges to execute arbitrary code and escalate their access. An attacker with local system access and user interaction can exploit improper path handling to inject malicious code into the application's execution flow. A patch is available to remediate this HIGH severity issue affecting the repository management functionality.
Dell Repository Manager (DRM), versions 3.4.7 and 3.4.8, contains an Improper Handling of Insufficient Permissions or Privileges vulnerability. Rated high severity (CVSS 7.5). No vendor patch available.
Dell Repository Manager, versions 3.4.2 through 3.4.4,contains a Path Traversal vulnerability in logger module. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Dell Repository Manager, versions prior to 3.4.5, contains a Path Traversal vulnerability in API module. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Dell Repository Manager, 3.4.3 and prior, contains an Improper Access Control vulnerability in its installation module. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Dell Repository Manager, 3.4.3 and prior, contains an Improper Access Control vulnerability in its installation module. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.