Dell Command Update versions prior to 3.1 contain an Arbitrary File Deletion Vulnerability. A local authenticated malicious user with low privileges potentially could exploit this vulnerability to delete arbitrary files by creating a symlink from the "Temp\IC\ICDebugLog.txt" to any targeted file. This issue occurs because of insecure handling of Temp directory permissions that were set incorrectly.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: dell

Published: 2019-12-03T20:20:16.832347Z

Updated: 2024-09-16T23:11:52.600Z

Reserved: 2019-01-03T00:00:00

Link: CVE-2019-3750

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2019-12-03T21:15:11.550

Modified: 2019-12-10T16:05:47.060

Link: CVE-2019-3750

cve-icon Redhat

No data.