Allele Security Alert
ASA-2019-00261, CVE-2019-3718, DSA-2019-051
Improper Origin Validation
Dell SupportAssist Client
Dell SupportAssist Client versions prior to 220.127.116.11
Dell SupportAssist Client version 18.104.22.168 and later
Proof of concept
Dell SupportAssist Client versions prior to 22.214.171.124 contain an improper origin validation vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability to attempt Cross-Site Request Forgery (CSRF) attacks on users of the impacted systems.
John C. Hennessy-ReCar
DSA-2019-051: Dell SupportAssist Client Multiple Vulnerabilities
If there is any error in this alert or you wish a comprehensive analysis, let us know.
Last modified: May 11, 2019