CVE-2023-32476 MEDIUM

CVE-2023-32476

Vendor Dell

Product Dell Hybrid Client (DHC)

Weakness CWE-200 · Info exposure

Published July 20, 2023

Last update October 24, 2024

View on NVD All CVEs

CVSS base score

6.4/10

Attack vector Local

Attack complexity High

Privileges required High

User interaction None

Confidentiality High

Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

Dell Hybrid Client version 2.0 contains a Sensitive Data Exposure vulnerability. An unauthenticated malicious user on the device can access hard coded secrets in javascript files.

Key dates

02Disclosure timeline

July 20, 2023 CVE published

October 24, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2023-32476

Related vulnerabilities

04Related CVE

CVE-2025-30222 Shescape has potential environment variable exposure on Windows with CMD CVE-2024-45388 Arbitrary file read in the `/api/v2/simulation` endpoint in hoverfly (`GHSL-2023-274`) CVE-2025-7780 AI Engine <= 2.9.4 - Missing URL Scheme Validation to Authenticated (Subscriber+) Arbitrary File Read via simpleTranscribeAudio and get_audio Functions CVE-2025-52488 DNN.PLATFORM leaks NTLM hash via SMB Share Interaction with malicious user input CVE-2023-26268 Apache CouchDB, IBM Cloudant: Information sharing via couchjs processes