Lucene search

DellCVELIST:CVE-2023-23689

HistoryFeb 28, 2023 - 4:40 p.m.

CVE-2023-23689

2023-02-2816:40:39

CWE-400

dell

www.cve.org

dell powerscale

hardware management software

uncontrolled resource consumption

denial of service

cve-2023-23689

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

0.001 Low

EPSS

Percentile

33.6%

JSON

Dell PowerScale nodes A200, A2000, H400, H500, H600, H5600, F800, F810 integrated hardware management software contains an uncontrolled resource consumption vulnerability. This may allow an unauthenticated network host to impair built-in hardware management functionality and trigger OneFS data protection mechanism causing a denial of service.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "A200",
      "A2000",
      "H400",
      "H500",
      "H600",
      "H5600",
      "F800",
      "F810"
    ],
    "product": "PowerScale OneFS",
    "vendor": "Dell",
    "versions": [
      {
        "status": "affected",
        "version": "9.5.0.x, 9.4.0.x, 9.3.0.x, 9.2.1.x, 9.2.0.x, 9.1.0.x, 9.0.0.x"
      }
    ]
  }
]

References

www.dell.com/support/kbdoc/en-us/000209895/dell-emc-powerscale-onefs-security-updates-for-multiple-security

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

0.001 Low

EPSS

Percentile

33.6%

JSON

Related for CVELIST:CVE-2023-23689