Dell Mobility - E-Lab Navigator, version(s) 3.1.9, 3.2.0, contain(s) an Authorization Bypass Through User-Controlled Key vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Launch of phishing attacks.
History

Wed, 30 Oct 2024 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 30 Oct 2024 15:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-451

Wed, 30 Oct 2024 15:15:00 +0000

Type Values Removed Values Added
Description Dell E-Lab Navigator, [3.1.9, 3.2.0], contains an Insecure Direct Object Reference Vulnerability in Feedback submission. An attacker could potentially exploit this vulnerability, to manipulate the email's appearance, potentially deceiving recipients and causing reputational and security risks. Dell Mobility - E-Lab Navigator, version(s) 3.1.9, 3.2.0, contain(s) an Authorization Bypass Through User-Controlled Key vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Launch of phishing attacks.

Wed, 16 Oct 2024 16:30:00 +0000

Type Values Removed Values Added
First Time appeared Dell
Dell e-lab Navigator
Weaknesses CWE-639
CPEs cpe:2.3:a:dell:e-lab_navigator:3.1.9:*:*:*:*:*:*:*
cpe:2.3:a:dell:e-lab_navigator:3.2.0:*:*:*:*:*:*:*
Vendors & Products Dell
Dell e-lab Navigator

cve-icon MITRE

Status: PUBLISHED

Assigner: dell

Published: 2024-02-14T07:01:59.081Z

Updated: 2024-10-30T15:06:57.786Z

Reserved: 2024-01-10T15:29:59.457Z

Link: CVE-2024-22455

cve-icon Vulnrichment

Updated: 2024-08-01T22:43:35.001Z

cve-icon NVD

Status : Modified

Published: 2024-02-14T07:15:09.803

Modified: 2024-11-21T08:56:19.423

Link: CVE-2024-22455

cve-icon Redhat

No data.