Lucene search

[email protected]CVE-2023-32464

HistoryJun 23, 2023 - 8:15 a.m.

CVE-2023-32464

2023-06-2308:15:09

CWE-295

[email protected]

web.nvd.nist.gov

dell

vxrail

cve-2023-32464

cybersecurity

certificate validation

3.3 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N

3.9 Low

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

30.8%

JSON

Dell VxRail, versions prior to 7.0.450, contain an improper certificate validation vulnerability. A high privileged remote attacker may potentially exploit this vulnerability to carry out a man-in-the-middle attack by supplying a crafted certificate and intercepting the victim’s traffic to view or modify a victim’s data in transit.

Affected configurations

NVD

Node

dellvxrail_d560_firmwareRange7.0.0–7.0.450

AND

dellvxrail_d560Match-

Node

dellvxrail_d560f_firmwareRange7.0.0–7.0.450

AND

dellvxrail_d560fMatch-

Node

dellvxrail_e460_firmwareRange7.0.0–7.0.450

AND

dellvxrail_e460Match-

Node

dellvxrail_e560_firmwareRange7.0.0–7.0.450

AND

dellvxrail_e560Match-

Node

dellvxrail_e560_vcf_firmwareRange7.0.0–7.0.450

AND

dellvxrail_e560_vcfMatch-

Node

dellvxrail_e560f_firmwareRange7.0.0–7.0.450

AND

dellvxrail_e560fMatch-

Node

dellvxrail_e560f_vcf_firmwareRange7.0.0–7.0.450

AND

dellvxrail_e560f_vcfMatch-

Node

dellvxrail_e560n_firmwareRange7.0.0–7.0.450

AND

dellvxrail_e560nMatch-

Node

dellvxrail_e560n_vcf_firmwareRange7.0.0–7.0.450

AND

dellvxrail_e560n_vcfMatch-

Node

dellvxrail_e660_firmwareRange7.0.0–7.0.450

AND

dellvxrail_e660Match-

Node

dellvxrail_e660f_firmwareRange7.0.0–7.0.450

AND

dellvxrail_e660fMatch-

Node

dellvxrail_e660n_firmwareRange7.0.0–7.0.450

AND

dellvxrail_e660nMatch-

Node

dellvxrail_e665_firmwareRange7.0.0–7.0.450

AND

dellvxrail_e665Match-

Node

dellvxrail_e665f_firmwareRange7.0.0–7.0.450

AND

dellvxrail_e665fMatch-

Node

dellvxrail_e665n_firmwareRange7.0.0–7.0.450

AND

dellvxrail_e665nMatch-

Node

dellvxrail_g560_firmwareRange7.0.0–7.0.450

AND

dellvxrail_g560Match-

Node

dellvxrail_g560_vcf_firmwareRange7.0.0–7.0.450

AND

dellvxrail_g560_vcfMatch-

Node

dellvxrail_g560f_firmwareRange7.0.0–7.0.450

AND

dellvxrail_g560fMatch-

Node

dellvxrail_g560f_vcf_firmwareRange7.0.0–7.0.450

AND

dellvxrail_g560f_vcfMatch-

Node

dellvxrail_p470_firmwareRange7.0.0–7.0.450

AND

dellvxrail_p470Match-

Node

dellvxrail_p570_firmwareRange7.0.0–7.0.450

AND

dellvxrail_p570Match-

Node

dellvxrail_p570_vcf_firmwareRange7.0.0–7.0.450

AND

dellvxrail_p570_vcfMatch-

Node

dellvxrail_p570f_firmwareRange7.0.0–7.0.450

AND

dellvxrail_p570fMatch-

Node

dellvxrail_p570f_vcf_firmwareRange7.0.0–7.0.450

AND

dellvxrail_p570f_vcfMatch-

Node

dellvxrail_p580n_firmwareRange7.0.0–7.0.450

AND

dellvxrail_p580nMatch-

Node

dellvxrail_p580n_vcf_firmwareRange7.0.0–7.0.450

AND

dellvxrail_p580n_vcfMatch-

Node

dellvxrail_p670f_firmwareRange7.0.0–7.0.450

AND

dellvxrail_p670fMatch-

Node

dellvxrail_p670n_firmwareRange7.0.0–7.0.450

AND

dellvxrail_p670nMatch-

Node

dellvxrail_p675f_firmwareRange7.0.0–7.0.450

AND

dellvxrail_p675fMatch-

Node

dellvxrail_p675n_firmwareRange7.0.0–7.0.450

AND

dellvxrail_p675nMatch-

Node

dellvxrail_s470_firmwareRange7.0.0–7.0.450

AND

dellvxrail_s470Match-

Node

dellvxrail_s570_firmwareRange7.0.0–7.0.450

AND

dellvxrail_s570Match-

Node

dellvxrail_s570_vcf_firmwareRange7.0.0–7.0.450

AND

dellvxrail_s570_vcfMatch-

Node

dellvxrail_s670_firmwareRange7.0.0–7.0.450

AND

dellvxrail_s670Match-

Node

dellvxrail_v470_firmwareRange7.0.0–7.0.450

AND

dellvxrail_v470Match-

Node

dellvxrail_v570_firmwareRange7.0.0–7.0.450

AND

dellvxrail_v570Match-

Node

dellvxrail_v570_vcf_firmwareRange7.0.0–7.0.450

AND

dellvxrail_v570_vcfMatch-

Node

dellvxrail_v570f_firmwareRange7.0.0–7.0.450

AND

dellvxrail_v570fMatch-

Node

dellvxrail_v570f_vcf_firmwareRange7.0.0–7.0.450

AND

dellvxrail_v570f_vcfMatch-

Node

dellvxrail_v670f_firmwareRange7.0.0–7.0.450

AND

dellvxrail_v670fMatch-

Node

dellvxrail_vd-4000r_firmwareRange7.0.0–7.0.450

AND

dellvxrail_vd-4000rMatch-

Node

dellvxrail_vd-4000w_firmwareRange7.0.0–7.0.450

AND

dellvxrail_vd-4000wMatch-

Node

dellvxrail_vd-4000z_firmwareRange7.0.0–7.0.450

AND

dellvxrail_vd-4000zMatch-

Node

dellvxrail_vd-4510c_firmwareRange7.0.0–7.0.450

AND

dellvxrail_vd-4510cMatch-

Node

dellvxrail_vd-4520c_firmwareRange7.0.0–7.0.450

AND

dellvxrail_vd-4520cMatch-

CPENameOperatorVersion
dell:vxrail_d560_firmwaredell vxrail d560 firmwarelt7.0.450

CPE	Name	Operator	Version
dell:vxrail_d560_firmware	dell vxrail d560 firmware	lt	7.0.450

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Dell EMC VxRail Appliance",
    "vendor": "Dell",
    "versions": [
      {
        "status": "affected",
        "version": "7.0.x versions before 7.0.450"
      }
    ]
  }
]

References

www.dell.com/support/kbdoc/en-us/000213011/dsa-2023-071-dell-vxrail-security-update-for-multiple-third-party-component-vulnerabilities-7-0-450

3.3 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N

3.9 Low

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

30.8%

JSON

Related for CVE-2023-32464

prion1 nvd1 cvelist1