CVE-2023-4129: DSA-2023-346: Security Update for Dell Data Protection Central

Impact

Medium

Details

Proprietary Code CVE

Description

CVSS Base Score

CVSS Vector String

CVE-2023-4129

Dell Data Protection Central, version 19.9, contains an Inadequate Encryption Strength Vulnerability. An unauthenticated network attacker could potentially exploit this vulnerability, allowing an attacker to recover plaintext from a block of ciphertext.

5.9

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Proprietary Code CVE

Description

CVSS Base Score

CVSS Vector String

CVE-2023-4129

Dell Data Protection Central, version 19.9, contains an Inadequate Encryption Strength Vulnerability. An unauthenticated network attacker could potentially exploit this vulnerability, allowing an attacker to recover plaintext from a block of ciphertext.

5.9

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products and Remediation

Product

Affected Versions

Remediated Versions

Link

Dell Data Protection Central

Version 19.9.0-10

Version 19.9.0-12

https://www.dell.com/support/home/product-support/product/data-protection-central/drivers

Product

Affected Versions

Remediated Versions

Link

Dell Data Protection Central

Version 19.9.0-10

Version 19.9.0-12

https://www.dell.com/support/home/product-support/product/data-protection-central/drivers

Revision History

Revision

Date

Description

1.0

2023-09-27

Initial Release

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Additional Information

Platform: SUSE Linux Enterprise Server 12 SP5
See the latest ‘Dell Data Protection Central 19.9 Release Notes’ in Dell Data Protection Central 19.9 Release Notes | Dell US