Lucene search

DellCVELIST:CVE-2023-32463

HistoryJun 23, 2023 - 7:51 a.m.

CVE-2023-32463

2023-06-2307:51:55

CWE-20

dell

www.cve.org

dell vxrail

denial of service

remote attacker

system malfunction

3.4 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L

0.002 Low

EPSS

Percentile

53.3%

JSON

Dell VxRail, version(s) 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to degraded performance and system malfunction.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Dell EMC VxRail Appliance",
    "vendor": "Dell",
    "versions": [
      {
        "status": "affected",
        "version": "Version Prior to 8.0.100"
      }
    ]
  }
]

References

www.dell.com/support/kbdoc/en-us/000214659/dsa-2023-200-security-update-for-dell-vxrail-for-multiple-third-party-component-vulnerabilities

3.4 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L

0.002 Low

EPSS

Percentile

53.3%

JSON

Related for CVELIST:CVE-2023-32463