CVE-2024-37137 LOW

CVE-2024-37137

Vendor Dell
Product CloudLink
Weakness CWE-1240
Published June 28, 2024
Last update August 2, 2024

CVSS base score

3.8/10
Attack vector Local
Attack complexity High
Privileges required High
User interaction Required
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L

What the vulnerability does

01Description

Dell Key Trust Platform, v3.0.6 and prior, contains Use of a Cryptographic Primitive with a Risky Implementation vulnerability. A local privileged attacker could potentially exploit this vulnerability, leading to privileged information disclosure.

Key dates

02Disclosure timeline

June 28, 2024 CVE published
August 2, 2024 Record updated