CVE-2023-32465: DSA-2023-201: Security Update for Dell PowerProtect Cyber Recovery

Vaikutus

High

Tiedot

Proprietary Code CVE

Description

CVSS Base Score

CVSS Vector String

CVE-2023-32465

Dell Power Protect Cyber Recovery, contains an Authentication Bypass vulnerability. An attacker could potentially exploit this vulnerability, leading to unauthorized admin access to the Cyber Recovery application. Exploitation may lead to complete system takeover by an attacker.

8.8

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Proprietary Code CVE

Description

CVSS Base Score

CVSS Vector String

CVE-2023-32465

Dell Power Protect Cyber Recovery, contains an Authentication Bypass vulnerability. An attacker could potentially exploit this vulnerability, leading to unauthorized admin access to the Cyber Recovery application. Exploitation may lead to complete system takeover by an attacker.

8.8

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Dell Technologies suosittelee, että kaikki asiakkaat ottavat huomioon sekä CVSS-peruspistemäärän että kaikki asiaankuuluvat väliaikaiset ja ympäristöön liittyvät pisteet, jotka voivat vaikuttaa tietyn tietoturvahaavoittuvuuden mahdolliseen vakavuuteen.

Tuotteet, joihin asia vaikuttaa ja tilanteen korjaaminen

CVEs Addressed

Product

Affected Versions

Remediated Version

Link

CVE-2023-32465

Dell PowerProtect Cyber Recovery

19.4 through 19.13.0.2

19.13.0.3

Cyber Recovery 19.13.0.3

CVEs Addressed

Product

Affected Versions

Remediated Version

Link

CVE-2023-32465

Dell PowerProtect Cyber Recovery

19.4 through 19.13.0.2

19.13.0.3

Cyber Recovery 19.13.0.3

Versiohistoria

Revision

Date

Description

1.0

2023-06-14

Initial Release

Asiaan liittyvät tiedot

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

14 kesäk. 2023