Hybrid Client
by Dell
CVEs (10)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-32476 | 0.00 | — | 0.00 | Jul 20, 2023 | Dell Hybrid Client version 2.0 contains a Sensitive Data Exposure vulnerability. An unauthenticated malicious user on the device can access hard coded secrets in javascript files. | |||
| CVE-2022-34432 | 0.00 | — | 0.00 | Oct 11, 2022 | Dell Hybrid Client below 1.8 version contains a gedit vulnerability. A guest attacker could potentially exploit this vulnerability, allowing deletion of user and some system files and folders. | |||
| CVE-2022-34431 | 0.00 | — | 0.01 | Oct 11, 2022 | Dell Hybrid Client below 1.8 version contains a guest user profile corruption vulnerability. A WMS privilege attacker could potentially exploit this vulnerability, leading to DHC system not being accessible. | |||
| CVE-2022-34430 | 0.00 | — | 0.00 | Oct 11, 2022 | Dell Hybrid Client below 1.8 version contains a Zip Bomb Vulnerability in UI. A guest privilege attacker could potentially exploit this vulnerability, leading to system files modification. | |||
| CVE-2022-34429 | 0.00 | — | 0.00 | Sep 30, 2022 | Dell Hybrid Client below 1.8 version contains a Zip Slip Vulnerability in UI. A guest privilege attacker could potentially exploit this vulnerability, leading to system files modification. | |||
| CVE-2022-34428 | 0.00 | — | 0.01 | Sep 30, 2022 | Dell Hybrid Client prior to version 1.8 contains a Regular Expression Denial of Service Vulnerability in the UI. An adversary with WMS group admin access could potentially exploit this vulnerability, leading to temporary denial-of-service. | |||
| CVE-2021-21537 | 0.00 | — | 0.00 | Apr 30, 2021 | Dell Hybrid Client versions prior to 1.5 contain an information exposure vulnerability. A local unauthenticated attacker may exploit this vulnerability in order to view and exfiltrate sensitive information on the system. | |||
| CVE-2021-21536 | 0.00 | — | 0.00 | Apr 30, 2021 | Dell Hybrid Client versions prior to 1.5 contain an information exposure vulnerability. A local unauthenticated attacker may exploit this vulnerability in order to register the client to a server in order to view sensitive information. | |||
| CVE-2021-21535 | 0.00 | — | 0.00 | Apr 30, 2021 | Dell Hybrid Client versions prior to 1.5 contain a missing authentication for a critical function vulnerability. A local unauthenticated attacker may exploit this vulnerability in order to gain root level access to the system. | |||
| CVE-2021-21534 | 0.00 | — | 0.00 | Apr 30, 2021 | Dell Hybrid Client versions prior to 1.5 contain an information exposure vulnerability. A local unauthenticated attacker may exploit this vulnerability in order to gain access to sensitive information via the local API. |
- CVE-2023-32476Jul 20, 2023risk 0.00cvss —epss 0.00
Dell Hybrid Client version 2.0 contains a Sensitive Data Exposure vulnerability. An unauthenticated malicious user on the device can access hard coded secrets in javascript files.
- CVE-2022-34432Oct 11, 2022risk 0.00cvss —epss 0.00
Dell Hybrid Client below 1.8 version contains a gedit vulnerability. A guest attacker could potentially exploit this vulnerability, allowing deletion of user and some system files and folders.
- CVE-2022-34431Oct 11, 2022risk 0.00cvss —epss 0.01
Dell Hybrid Client below 1.8 version contains a guest user profile corruption vulnerability. A WMS privilege attacker could potentially exploit this vulnerability, leading to DHC system not being accessible.
- CVE-2022-34430Oct 11, 2022risk 0.00cvss —epss 0.00
Dell Hybrid Client below 1.8 version contains a Zip Bomb Vulnerability in UI. A guest privilege attacker could potentially exploit this vulnerability, leading to system files modification.
- CVE-2022-34429Sep 30, 2022risk 0.00cvss —epss 0.00
Dell Hybrid Client below 1.8 version contains a Zip Slip Vulnerability in UI. A guest privilege attacker could potentially exploit this vulnerability, leading to system files modification.
- CVE-2022-34428Sep 30, 2022risk 0.00cvss —epss 0.01
Dell Hybrid Client prior to version 1.8 contains a Regular Expression Denial of Service Vulnerability in the UI. An adversary with WMS group admin access could potentially exploit this vulnerability, leading to temporary denial-of-service.
- CVE-2021-21537Apr 30, 2021risk 0.00cvss —epss 0.00
Dell Hybrid Client versions prior to 1.5 contain an information exposure vulnerability. A local unauthenticated attacker may exploit this vulnerability in order to view and exfiltrate sensitive information on the system.
- CVE-2021-21536Apr 30, 2021risk 0.00cvss —epss 0.00
Dell Hybrid Client versions prior to 1.5 contain an information exposure vulnerability. A local unauthenticated attacker may exploit this vulnerability in order to register the client to a server in order to view sensitive information.
- CVE-2021-21535Apr 30, 2021risk 0.00cvss —epss 0.00
Dell Hybrid Client versions prior to 1.5 contain a missing authentication for a critical function vulnerability. A local unauthenticated attacker may exploit this vulnerability in order to gain root level access to the system.
- CVE-2021-21534Apr 30, 2021risk 0.00cvss —epss 0.00
Dell Hybrid Client versions prior to 1.5 contain an information exposure vulnerability. A local unauthenticated attacker may exploit this vulnerability in order to gain access to sensitive information via the local API.