Allele Security Alert
ASA-2019-00261, CVE-2019-3718, DSA-2019-051
Improper Origin Validation
Dell SupportAssist Client
Dell SupportAssist Client versions prior to 126.96.36.199
Dell SupportAssist Client version 188.8.131.52 and later
Proof of concept
Dell SupportAssist Client versions prior to 184.108.40.206 contain an improper origin validation vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability to attempt Cross-Site Request Forgery (CSRF) attacks on users of the impacted systems.
John C. Hennessy-ReCar
DSA-2019-051: Dell SupportAssist Client Multiple Vulnerabilities
If there is any error in this alert or you wish a comprehensive analysis, let us know.
Last modified: May 11, 2019