Lucene search

[email protected]CVE-2023-4129

HistorySep 27, 2023 - 4:21 p.m.

CVE-2023-4129

2023-09-2716:21:35

CWE-326

[email protected]

web.nvd.nist.gov

cve-2023-4129

dell

data protection

central

encryption strength

vulnerability

nvd

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.3%

JSON

Dell Data Protection Central, version 19.9, contains an Inadequate Encryption Strength Vulnerability. An unauthenticated network attacker could potentially exploit this vulnerability, allowing an attacker to recover plaintext from a block of ciphertext.

Affected configurations

NVD

Node

delldata_protection_centralMatch19.9.0-10

CPENameOperatorVersion
dell:data_protection_centraldell data protection centraleq19.9.0-10

CPE	Name	Operator	Version
dell:data_protection_central	dell data protection central	eq	19.9.0-10

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Data Protection Central",
    "vendor": "Dell",
    "versions": [
      {
        "status": "affected",
        "version": "Version 19.9.0-10"
      }
    ]
  }
]

References

www.dell.com/support/kbdoc/en-us/000218045/dsa-2023-346-security-update-for-dell-data-protection-central

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.3%

JSON

Related for CVE-2023-4129

cnvd1 cvelist1 prion1 nvd1