Headline
CVE-2023-28045: DSA-2023-165: Dell CloudIQ Collector Security Update for Missing Encryption of Sensitive Data Vulnerability
Dell CloudIQ Collector version 1.10.2 contains a missing encryption of sensitive data vulnerability. An attacker with low privileges could potentially exploit this vulnerability, leading to gain access to unauthorized data.
Vaikutus
Medium
Tiedot
Proprietary Code CVE
Description
CVSS Base Score
CVSS Vector String
CVE-2023-28045
Dell CloudIQ Collector version 1.10.2 contains a missing encryption of sensitive data vulnerability. An attacker with low privileges could potentially exploit this vulnerability, leading to gain access to unauthorized data…
6.3
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
Proprietary Code CVE
Description
CVSS Base Score
CVSS Vector String
CVE-2023-28045
Dell CloudIQ Collector version 1.10.2 contains a missing encryption of sensitive data vulnerability. An attacker with low privileges could potentially exploit this vulnerability, leading to gain access to unauthorized data…
6.3
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
Dell Technologies suosittelee, että kaikki asiakkaat ottavat huomioon sekä CVSS-peruspistemäärän että kaikki asiaankuuluvat väliaikaiset ja ympäristöön liittyvät pisteet, jotka voivat vaikuttaa tietyn tietoturvahaavoittuvuuden mahdolliseen vakavuuteen.
Tuotteet, joihin asia vaikuttaa ja tilanteen korjaaminen****Versiohistoria
Revision
Date
Description
1.0
2023-05-18
Initial Release
Asiaan liittyvät tiedot
Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide
18 toukok. 2023