3.3
CVE-2023-32464
- EPSS 0.07%
- Veröffentlicht 23.06.2023 08:15:09
- Zuletzt bearbeitet 21.11.2024 08:03:24
- Quelle security_alert@emc.com
- Teams Watchlist Login
- Unerledigt Login
Dell VxRail, versions prior to 7.0.450, contain an improper certificate validation vulnerability. A high privileged remote attacker may potentially exploit this vulnerability to carry out a man-in-the-middle attack by supplying a crafted certificate and intercepting the victim's traffic to view or modify a victim’s data in transit.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Dell ≫ Vxrail D560 Firmware Version >= 7.0.0 < 7.0.450
Dell ≫ Vxrail D560f Firmware Version >= 7.0.0 < 7.0.450
Dell ≫ Vxrail E460 Firmware Version >= 7.0.0 < 7.0.450
Dell ≫ Vxrail E560 Firmware Version >= 7.0.0 < 7.0.450
Dell ≫ Vxrail E560 Vcf Firmware Version >= 7.0.0 < 7.0.450
Dell ≫ Vxrail E560f Firmware Version >= 7.0.0 < 7.0.450
Dell ≫ Vxrail E560f Vcf Firmware Version >= 7.0.0 < 7.0.450
Dell ≫ Vxrail E560n Firmware Version >= 7.0.0 < 7.0.450
Dell ≫ Vxrail E560n Vcf Firmware Version >= 7.0.0 < 7.0.450
Dell ≫ Vxrail E660 Firmware Version >= 7.0.0 < 7.0.450
Dell ≫ Vxrail E660f Firmware Version >= 7.0.0 < 7.0.450
Dell ≫ Vxrail E660n Firmware Version >= 7.0.0 < 7.0.450
Dell ≫ Vxrail E665 Firmware Version >= 7.0.0 < 7.0.450
Dell ≫ Vxrail E665f Firmware Version >= 7.0.0 < 7.0.450
Dell ≫ Vxrail E665n Firmware Version >= 7.0.0 < 7.0.450
Dell ≫ Vxrail G560 Firmware Version >= 7.0.0 < 7.0.450
Dell ≫ Vxrail G560 Vcf Firmware Version >= 7.0.0 < 7.0.450
Dell ≫ Vxrail G560f Firmware Version >= 7.0.0 < 7.0.450
Dell ≫ Vxrail G560f Vcf Firmware Version >= 7.0.0 < 7.0.450
Dell ≫ Vxrail P470 Firmware Version >= 7.0.0 < 7.0.450
Dell ≫ Vxrail P570 Firmware Version >= 7.0.0 < 7.0.450
Dell ≫ Vxrail P570 Vcf Firmware Version >= 7.0.0 < 7.0.450
Dell ≫ Vxrail P570f Firmware Version >= 7.0.0 < 7.0.450
Dell ≫ Vxrail P570f Vcf Firmware Version >= 7.0.0 < 7.0.450
Dell ≫ Vxrail P580n Firmware Version >= 7.0.0 < 7.0.450
Dell ≫ Vxrail P580n Vcf Firmware Version >= 7.0.0 < 7.0.450
Dell ≫ Vxrail P670f Firmware Version >= 7.0.0 < 7.0.450
Dell ≫ Vxrail P670n Firmware Version >= 7.0.0 < 7.0.450
Dell ≫ Vxrail P675f Firmware Version >= 7.0.0 < 7.0.450
Dell ≫ Vxrail P675n Firmware Version >= 7.0.0 < 7.0.450
Dell ≫ Vxrail S470 Firmware Version >= 7.0.0 < 7.0.450
Dell ≫ Vxrail S570 Firmware Version >= 7.0.0 < 7.0.450
Dell ≫ Vxrail S570 Vcf Firmware Version >= 7.0.0 < 7.0.450
Dell ≫ Vxrail S670 Firmware Version >= 7.0.0 < 7.0.450
Dell ≫ Vxrail V470 Firmware Version >= 7.0.0 < 7.0.450
Dell ≫ Vxrail V570 Firmware Version >= 7.0.0 < 7.0.450
Dell ≫ Vxrail V570 Vcf Firmware Version >= 7.0.0 < 7.0.450
Dell ≫ Vxrail V570f Firmware Version >= 7.0.0 < 7.0.450
Dell ≫ Vxrail V570f Vcf Firmware Version >= 7.0.0 < 7.0.450
Dell ≫ Vxrail V670f Firmware Version >= 7.0.0 < 7.0.450
Dell ≫ Vxrail Vd-4000r Firmware Version >= 7.0.0 < 7.0.450
Dell ≫ Vxrail Vd-4000w Firmware Version >= 7.0.0 < 7.0.450
Dell ≫ Vxrail Vd-4000z Firmware Version >= 7.0.0 < 7.0.450
Dell ≫ Vxrail Vd-4510c Firmware Version >= 7.0.0 < 7.0.450
Dell ≫ Vxrail Vd-4520c Firmware Version >= 7.0.0 < 7.0.450
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.07% | 0.205 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 3.3 | 0.7 | 2.5 |
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N
|
| security_alert@emc.com | 2.7 | 1.2 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
|
CWE-295 Improper Certificate Validation
The product does not validate, or incorrectly validates, a certificate.