Lucene search

DellCVELIST:CVE-2023-32463

HistoryJun 23, 2023 - 7:51 a.m.

CVE-2023-32463

2023-06-2307:51:55

CWE-20

dell

www.cve.org

dell vxrail

denial of service

remote attacker

system malfunction

CVSS3

3.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L

EPSS

0.002

Percentile

53.1%

JSON

Dell VxRail, version(s) 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to degraded performance and system malfunction.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Dell EMC VxRail Appliance",
    "vendor": "Dell",
    "versions": [
      {
        "status": "affected",
        "version": "Version Prior to 8.0.100"
      }
    ]
  }
]

References

www.dell.com/support/kbdoc/en-us/000214659/dsa-2023-200-security-update-for-dell-vxrail-for-multiple-third-party-component-vulnerabilities

CVSS3

3.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L

EPSS

0.002

Percentile

53.1%

JSON

Related for CVELIST:CVE-2023-32463