Headline
CVE-2022-34364: DSA-2022-188: Dell BSAFE SSL-J 6.5 and 7.1 Security Vulnerability
Dell BSAFE SSL-J when used in debug mode can reveal unnecessary information. An attacker could potentially exploit this vulnerability and have access to private information.
Vaikutus
Medium
Tiedot
Only customers with active BSAFE maintenance contracts can receive details about the vulnerabilities. Public disclosure of the vulnerability details will be shared later.
Only customers with active BSAFE maintenance contracts can receive details about the vulnerabilities. Public disclosure of the vulnerability details will be shared later.
Dell Technologies suosittelee, että kaikki asiakkaat ottavat huomioon sekä CVSS-peruspistemäärän että kaikki asiaankuuluvat väliaikaiset ja ympäristöön liittyvät pisteet, jotka voivat vaikuttaa tietyn tietoturvahaavoittuvuuden mahdolliseen vakavuuteen.
Tuotteet, joihin asia vaikuttaa ja tilanteen korjaaminen
Affected Products:
Dell BSAFE SSL-J version 7.0 and all versions before 6.5.
Remediation:
The following releases address this vulnerability:
Dell BSAFE SSL-J 6.5 and Dell BSAFE SSL-J 7.1
Dell Technologies recommends all customers upgrade at the earliest opportunity.
Affected Products:
Dell BSAFE SSL-J version 7.0 and all versions before 6.5.
Remediation:
The following releases address this vulnerability:
Dell BSAFE SSL-J 6.5 and Dell BSAFE SSL-J 7.1
Dell Technologies recommends all customers upgrade at the earliest opportunity.
Versiohistoria
Revision
Date
Description
1.0
2022-09-12
Initial Release
Asiaan liittyvät tiedot
Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide
12 syysk. 2022
Related news
Vulnerability in the Oracle Hyperion Financial Reporting product of Oracle Hyperion (component: Repository). The supported version that is affected is 11.2.13.0.000. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hyperion Financial Reporting. While the vulnerability is in Oracle Hyperion Financial Reporting, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hyperion Financial Reporting accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Hyperion Financial Reporting. CVSS 3.1 Base Score 8.5 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L).