3.2.0

CVSS 4.6 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

low complexity

dell

CWE-639

NVD

Published: 2024-02-14

Updated: 2024-10-30

Summary

Dell Mobility - E-Lab Navigator, version(s) 3.1.9, 3.2.0, contain(s) an Authorization Bypass Through User-Controlled Key vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Launch of phishing attacks.

Vulnerable Configurations

Part	Description	Count
Application	Dell Dell E LAB Navigator 3.1.9 Dell E LAB Navigator 3.2.0	2

Common Weakness Enumeration (CWE)

CWE-639 - Authorization Bypass Through User-Controlled Key

References

https://www.dell.com/support/kbdoc/en-us/000222015/dsa-2024-073-security-update-for-mobility-e-lab-navigator-vulnerabilities