CVE-2018-15773 Information

Description

Dell Encryption (formerly Dell Data Protection | Encryption) v10.1.0 and earlier contain an information disclosure vulnerability. A malicious user with physical access to the machine could potentially exploit this vulnerability to access the unencrypted RegBack folder that contains back-ups of sensitive system files.

CVSS Vector

CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Reference

https://www.dell.com/support/article/us/en/04/sln314963/dell-encryption-enterprise-dell-data-protection-encryption-information-disclosure-vulnerability?lang=en

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

NONE

Base Score

NONE

Base Severity

4.3