CVE-2024-37129 MEDIUM

CVE-2024-37129

Vendor Dell
Product Dell Inventory Collector
Weakness CWE-22 · Path traversal
Published July 31, 2024
Last update July 31, 2024

CVSS base score

6.7/10
Attack vector Local
Attack complexity High
Privileges required Low
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

Dell Inventory Collector, versions prior to 12.3.0.6 contains a Path Traversal vulnerability. A local authenticated malicious user could potentially exploit this vulnerability, leading to arbitrary code execution on the system.

Key dates

02Disclosure timeline

July 31, 2024 CVE published
July 31, 2024 Record updated