{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T21:24:36.894","vulnerabilities":[{"cve":{"id":"CVE-2023-32458","sourceIdentifier":"security_alert@emc.com","published":"2023-09-27T16:21:11.757","lastModified":"2024-11-21T08:03:23.590","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"\nDell AppSync, versions 4.4.0.0 to 4.6.0.0 including Service Pack releases, contains an improper access control vulnerability in Embedded Service Enabler component. A local malicious user could potentially exploit this vulnerability during installation leading to a privilege escalation.\n\n"},{"lang":"es","value":"Dell AppSync, versiones 4.4.0.0 a 4.6.0.0, incluidas las versiones de Service Pack, contiene una vulnerabilidad de control de acceso inadecuado en el componente Embedded Service Enabler. Un usuario malintencionado local podría explotar esta vulnerabilidad durante la instalación, lo que provocaría una escalada de privilegios."}],"metrics":{"cvssMetricV31":[{"source":"security_alert@emc.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.3,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"security_alert@emc.com","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:emc:appsync:*:*:*:*:*:*:*:*","versionStartIncluding":"4.4.0.0","versionEndIncluding":"4.6.0.0","matchCriteriaId":"C748098E-7C00-449D-A2BE-51E0D80304D2"}]}]}],"references":[{"url":"https://www.dell.com/support/kbdoc/en-us/000218038/dsa-2023-331-dell-emc-appsync-security-update-for-dell-embedded-service-enabler-vulnerability","source":"security_alert@emc.com","tags":["Patch","Vendor Advisory"]},{"url":"https://www.dell.com/support/kbdoc/en-us/000218038/dsa-2023-331-dell-emc-appsync-security-update-for-dell-embedded-service-enabler-vulnerability","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}