Lucene search

DellCVELIST:CVE-2023-48671

HistoryDec 14, 2023 - 4:15 p.m.

CVE-2023-48671

2023-12-1416:15:29

CWE-200

dell

www.cve.org

dell vapp manager

version 9.2.4.x

information disclosure

remote attacker

exploit

sensitive information

further attacks

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

41.3%

JSON

Dell vApp Manager, versions prior to 9.2.4.x contain an information disclosure vulnerability. A remote attacker could potentially exploit this vulnerability leading to obtain sensitive information that may aid in further attacks.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "vApp Manager",
    "vendor": "Dell",
    "versions": [
      {
        "status": "affected",
        "version": "Versions prior to 9.2.4.x"
      }
    ]
  }
]

References

www.dell.com/support/kbdoc/en-us/000220427/dsa-2023-443-dell-powermaxos-5978-dell-unisphere-360-dell-unisphere-for-powermax-dell-unisphere-for-powermax-virtual-appliance-dell-solutions-enabler-virtual-appliance-and-dell-powermax-eem-security-update-for-multiple-vulnerabilities

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

41.3%

JSON

Related for CVELIST:CVE-2023-48671