CVE-2018-15773
MEDIUMDell Encryption < 10.1.0 - Unauthorized Sensitive Information Exposure via RegBack Folder
Title source: llmDescription
Dell Encryption (formerly Dell Data Protection | Encryption) v10.1.0 and earlier contain an information disclosure vulnerability. A malicious user with physical access to the machine could potentially exploit this vulnerability to access the unencrypted RegBack folder that contains back-ups of sensitive system files.
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_misc
https://www.dell.com/support/article/us/en/04/sln314963/dell-encryption-enterprise-dell-data-protection-encryption-information-disclosure-vulnerability?lang=en
Scores
CVSS v3
4.3
EPSS
0.0003
EPSS Percentile
10.4%
Attack Vector
PHYSICAL
CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-200
Status
published
Products (1)
dell/data_protection_\|_encryption
< 10.1.0
Published
Dec 05, 2018
Tracked Since
Feb 18, 2026