CVE-2024-53291

CVSS 7.5 HIGHEPSS 0.3%CWE-1230

In short

Dell NativeEdge version 2.1.0.0 leaks sensitive information through metadata that can be accessed without logging in. An attacker on the internet could read this exposed data to gain unauthorized access to system details.

Technical detail

Dell NativeEdge 2.1.0.0 contains a metadata exposure vulnerability (CWE-1230) allowing unauthenticated remote attackers to retrieve sensitive information. The vulnerability requires only network access with no authentication; successful exploitation results in information disclosure that could facilitate further attacks.

Summary generated and translated by AI from the official description.

Dell NativeEdge, version(s) 2.1.0.0, contain(s) an Exposure of Sensitive Information Through Metadata vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Dell · NativeEdge

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.dell.com/support/kbdoc/en-us/000258904/dsa-2024-488-security-update-for-dell-nativeedge-multiple-vulnerabilities