CVE-2019-3718: CSRF
First published: Thu Apr 18 2019(Updated: )
Dell SupportAssist Client versions prior to 3.2.0.90 contain an improper origin validation vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability to attempt CSRF attacks on users of the impacted systems.
Credit: security_alert@emc.com security_alert@emc.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dell SupportAssist | <3.2.0.90 | |
| <3.2.0.90 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2019-3718?
CVE-2019-3718 has been classified as a high-severity vulnerability due to its potential for exploitation through CSRF attacks.
How do I fix CVE-2019-3718?
To fix CVE-2019-3718, users should update the Dell SupportAssist Client to version 3.2.0.90 or later.
Who is affected by CVE-2019-3718?
CVE-2019-3718 affects users of Dell SupportAssist Client versions prior to 3.2.0.90.
What type of vulnerability is CVE-2019-3718?
CVE-2019-3718 is an improper origin validation vulnerability that can lead to CSRF attacks.
Can CVE-2019-3718 be exploited remotely?
Yes, CVE-2019-3718 can be exploited remotely by an unauthenticated attacker.
- agent/references
- agent/type
- agent/severity
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/first-publish-date
- agent/last-modified-date
- agent/author
- agent/softwarecombine
- agent/event
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/weakness
- vendor/dell
- canonical/dell supportassist