Lucene search

DellCVELIST:CVE-2024-39583

HistorySep 10, 2024 - 8:45 a.m.

CVE-2024-39583

2024-09-1008:45:15

CWE-327

dell

www.cve.org

dell powerscale

insightiq

vulnerability

elevation of privileges

cryptographic algorithm

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

39.6%

JSON

Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a Use of a Broken or Risky Cryptographic Algorithm vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "PowerScale InsightIQ",
    "vendor": "Dell",
    "versions": [
      {
        "lessThanOrEqual": "5.1",
        "status": "affected",
        "version": "5.0",
        "versionType": "semver"
      }
    ]
  }
]

References

www.dell.com/support/kbdoc/en-us/000228412/dsa-2024-360-security-update-for-dell-powerscale-insightiq-for-multiple-security-vulnerabilities

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

39.6%

JSON

Related for CVELIST:CVE-2024-39583