CVE-2023-43081: DSA-2023-427: Security Update for Dell PowerProtect Agent for File System Vulnerabilities

Impact

Medium

Details

Proprietary Code CVEs

Description

CVSS Base Score

CVSS Vector String

CVE-2023-43081

PowerProtect Agent for File System Version 19.14 and prior, contains an incorrect default permissions vulnerability in ddfscon component. A low Privileged local attacker could potentially exploit this vulnerability, leading to overwriting of log files.

4.0

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Proprietary Code CVEs

Description

CVSS Base Score

CVSS Vector String

CVE-2023-43081

PowerProtect Agent for File System Version 19.14 and prior, contains an incorrect default permissions vulnerability in ddfscon component. A low Privileged local attacker could potentially exploit this vulnerability, leading to overwriting of log files.

4.0

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products and Remediation

CVEs Addressed

Product

Software/Firmware

Affected Versions

Remediated Versions

Link

CVE-2023-43081

PowerProtect Agent for File System

Software

Versions prior to 19.14

Version 19.15

https://www.dell.com/support/home/product-support/product/enterprise-copy-data-management/drivers

CVEs Addressed

Product

Software/Firmware

Affected Versions

Remediated Versions

Link

CVE-2023-43081

PowerProtect Agent for File System

Software

Versions prior to 19.14

Version 19.15

https://www.dell.com/support/home/product-support/product/enterprise-copy-data-management/drivers

Revision History

Revision

Date

Description

1.0

2023-11-22

Initial Release

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide