Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveDellCVE-2023-32471
HistoryJul 24, 2024 - 8:15 a.m.

CVE-2023-32471

2024-07-2408:15:02
CWE-125
dell
web.nvd.nist.gov
26
dell
edge gateway
bios
vulnerability
out-of-bounds read
local authenticated user
stack memory

CVSS3

6

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

AI Score

6.3

Confidence

Low

EPSS

0

Percentile

9.4%

JSON

Dell Edge Gateway BIOS, versions 3200 and 5200, contains an out-of-bounds read vulnerability. A local authenticated malicious user with high privileges could potentially exploit this vulnerability to read contents of stack memory and use this information for further exploits.

Affected configurations

Nvd
Vulners
Vulnrichment
Node
delledge_gateway_3200_firmwareMatch-
AND
delledge_gateway_3200Match-
Node
delledge_gateway_5200_firmwareMatch-
AND
delledge_gateway_5200Match-
Node
dellprecision_3930_rack_firmwareMatch-
AND
dellprecision_3930_rackMatch-
Node
delloptiplex_7080_firmwareMatch-
AND
delloptiplex_7080Match-
Node
dellprecision_5520_firmwareMatch-
AND
dellprecision_5520Match-
Node
dellinspiron_7460_firmwareMatch-
AND
dellinspiron_7460Match-
Node
dellprecision_5820_tower_firmwareMatch-
AND
dellprecision_5820_towerMatch-
Node
dellg5_5587_firmwareMatch-
AND
dellg5_5587Match-
Node
dellg7_7588_firmwareMatch-
AND
dellg7_7588Match-
Node
dellvostro_15_7580_firmwareMatch-
AND
dellvostro_15_7580Match-
VendorProductVersionCPE
delledge_gateway_3200_firmware-cpe:2.3:o:dell:edge_gateway_3200_firmware:-:*:*:*:*:*:*:*
delledge_gateway_3200-cpe:2.3:h:dell:edge_gateway_3200:-:*:*:*:*:*:*:*
delledge_gateway_5200_firmware-cpe:2.3:o:dell:edge_gateway_5200_firmware:-:*:*:*:*:*:*:*
delledge_gateway_5200-cpe:2.3:h:dell:edge_gateway_5200:-:*:*:*:*:*:*:*
dellprecision_3930_rack_firmware-cpe:2.3:o:dell:precision_3930_rack_firmware:-:*:*:*:*:*:*:*
dellprecision_3930_rack-cpe:2.3:h:dell:precision_3930_rack:-:*:*:*:*:*:*:*
delloptiplex_7080_firmware-cpe:2.3:o:dell:optiplex_7080_firmware:-:*:*:*:*:*:*:*
delloptiplex_7080-cpe:2.3:h:dell:optiplex_7080:-:*:*:*:*:*:*:*
dellprecision_5520_firmware-cpe:2.3:o:dell:precision_5520_firmware:-:*:*:*:*:*:*:*
dellprecision_5520-cpe:2.3:h:dell:precision_5520:-:*:*:*:*:*:*:*
Rows per page:
1-10 of 201

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Dell Edge Gateway 5200",
    "vendor": "Dell",
    "versions": [
      {
        "lessThan": "v1.05.10",
        "status": "affected",
        "version": "N/A",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Dell Edge Gateway 3200",
    "vendor": "Dell",
    "versions": [
      {
        "lessThan": "v1.03.10",
        "status": "affected",
        "version": "N/A",
        "versionType": "semver"
      }
    ]
  }
]

Related

vulnrichment 1
cvelist 1
nvd 1
vulnrichment
vulnrichment
CVE-2023-32471
2024-07-24 07:08:51
cvelist
cvelist
CVE-2023-32471
2024-07-24 07:08:51
nvd
nvd
CVE-2023-32471
2024-07-24 08:15:02

CVSS3

6

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

AI Score

6.3

Confidence

Low

EPSS

0

Percentile

9.4%

JSON
Related for CVE-2023-32471
vulnrichment1cvelist1nvd1