A potential information disclosure vulnerability was reported in Lenovo's packaging of Dolby Vision Provisioning software prior to version 2.0.0.2 that could allow a local attacker to read files on the system with elevated privileges during installation of the package. Previously installed versions are not affected by this issue.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://support.lenovo.com/us/en/product_security/LEN-158394 |
History
Fri, 11 Oct 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Lenovo
Lenovo dolby Vision Provisioning Software |
|
CPEs | cpe:2.3:a:lenovo:dolby_vision_provisioning_software:*:*:*:*:*:*:*:* | |
Vendors & Products |
Lenovo
Lenovo dolby Vision Provisioning Software |
|
Metrics |
ssvc
|
Fri, 11 Oct 2024 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A potential information disclosure vulnerability was reported in Lenovo's packaging of Dolby Vision Provisioning software prior to version 2.0.0.2 that could allow a local attacker to read files on the system with elevated privileges during installation of the package. Previously installed versions are not affected by this issue. | |
Weaknesses | CWE-276 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: lenovo
Published: 2024-10-11T15:15:12.643Z
Updated: 2024-10-11T19:07:47.060Z
Reserved: 2024-05-29T14:21:27.520Z
Link: CVE-2024-5474
Vulnrichment
Updated: 2024-10-11T19:07:34.223Z
NVD
Status : Awaiting Analysis
Published: 2024-10-11T16:15:14.440
Modified: 2024-10-15T12:58:51.050
Link: CVE-2024-5474
Redhat
No data.