Allele Security Alert
ASA-2019-00261, CVE-2019-3718, DSA-2019-051
Improper Origin Validation
Dell SupportAssist Client
Dell SupportAssist Client versions prior to 184.108.40.206
Dell SupportAssist Client version 220.127.116.11 and later
Proof of concept
Dell SupportAssist Client versions prior to 18.104.22.168 contain an improper origin validation vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability to attempt Cross-Site Request Forgery (CSRF) attacks on users of the impacted systems.
John C. Hennessy-ReCar
DSA-2019-051: Dell SupportAssist Client Multiple Vulnerabilities
If there is any error in this alert or you wish a comprehensive analysis, let us know.
Last modified: May 11, 2019