CVE-2022-34392 in SupportAssist for Home PCsinformation

Résumé

par MITRE • 11/02/2023

SupportAssist for Home PCs (versions 3.11.4 and prior) contain an insufficient session expiration Vulnerability. An authenticated non-admin user can be able to obtain the refresh token and that leads to reuse the access token and fetch sensitive information.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Responsable

Dell

Réserver

23/06/2022

Divulgation

11/02/2023

Modérer

accepté

Entrée

VDB-220600

CPE

prêt

EPSS

0.00164

KEV

non

Activités

très faible

Sources

Might our Artificial Intelligence support you?

Check our Alexa App!