Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-34404: DSA-2022-254: Dell System Update (DSU) Security Update for a Self-Signed Certificate Vulnerability

Dell System Update, version 2.0.0 and earlier, contains an Improper Certificate Validation in data parser module. A local attacker with high privileges could potentially exploit this vulnerability, leading to credential theft and/or denial of service.

CVE
Open in Source
#vulnerability#dos#dell

Vaikutus

Medium

Tiedot

Proprietary Code CVE

Description

CVSS Base Score

CVSS Vector String

CVE-2022-34404

Dell System Update, version 2.0.0 and earlier, contains an Improper Certificate Validation in data parser module. A local attacker with high privileges could potentially exploit this vulnerability, leading to credential theft and/or denial of service.

6.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Proprietary Code CVE

Description

CVSS Base Score

CVSS Vector String

CVE-2022-34404

Dell System Update, version 2.0.0 and earlier, contains an Improper Certificate Validation in data parser module. A local attacker with high privileges could potentially exploit this vulnerability, leading to credential theft and/or denial of service.

6.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Dell Technologies suosittelee, että kaikki asiakkaat ottavat huomioon sekä CVSS-peruspistemäärän että kaikki asiaankuuluvat väliaikaiset ja ympäristöön liittyvät pisteet, jotka voivat vaikuttaa tietyn tietoturvahaavoittuvuuden mahdolliseen vakavuuteen.

Tuotteet, joihin asia vaikuttaa ja tilanteen korjaaminen

CVE(s) Addressed

Product

Affected Version(s)

Updated Version(s)

Link to Update

CVE-2022-34404

DSU

Versions prior to 2.0.1.0

2.0.1.0

https://www.dell.com/support/home/drivers/driversdetails?driverid=8d3x6

CVE(s) Addressed

Product

Affected Version(s)

Updated Version(s)

Link to Update

CVE-2022-34404

DSU

Versions prior to 2.0.1.0

2.0.1.0

https://www.dell.com/support/home/drivers/driversdetails?driverid=8d3x6

Keinoja ongelman kiertämiseen tai lieventämiseen

None.

Versiohistoria

Revision

Date

Description

1.0

2022-09-26

Initial Release

Asiaan liittyvät tiedot

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Dell System Update v1.3, Dell System update v1.3.1, Dell System Update v1.1, Dell System Update v1.2, Product Security Information, Dell System update v1.4.0

26 syysk. 2022

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE
CVE-2023-6905
CVE
CVE-2023-6903
CVE
CVE-2023-6904
CVE
CVE-2023-3907
CVE