← Back

CVE-2023-32449

nvd nist
Published: Jun 22, 2023Modified: Nov 21, 2024

JSON object

Loading...
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

Dell PowerStore versions prior to 3.5 contain an improper verification of cryptographic signature vulnerability. An attacker can trick a high privileged user to install a malicious binary by bypassing the existing cryptographic signature checks

Affected (1)

Products: Dell: Powerstoret Os
Dell
1 product
Powerstoret Os
Configuration A
1 platform
Running on/withPlatform Versions
Dell
Powerstore 500t
All versions
Configuration B
1 platform
Running on/withPlatform Versions
Dell
Powerstore 1000t
All versions
Configuration C
1 platform
Running on/withPlatform Versions
Dell
Powerstore 1200t
All versions
Configuration D
1 platform
Running on/withPlatform Versions
Dell
Powerstore 3200t
All versions
Configuration E
1 platform
Running on/withPlatform Versions
Dell
Powerstore 3000t
All versions
Configuration F
1 platform
Running on/withPlatform Versions
Dell
Powerstore 5200t
All versions
Configuration G
1 platform
Running on/withPlatform Versions
Dell
Powerstore 5000t
All versions
Configuration H
1 platform
Running on/withPlatform Versions
Dell
Powerstore 7000t
All versions
Configuration I
1 platform
Running on/withPlatform Versions
Dell
Powerstore 9000t
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Powerstoret Os
Before 3.5.0.0-2050321
Running on/withPlatform Versions
Dell
Powerstore 9200t
All versions

Related CWEs

CWE-347
Improper Verification of Cryptographic Signature
The product does not verify, or incorrectly verifies, the cryptographic signature for data.

References (2)

Source: security_alert@emc.com
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory

Timeline

No history available yet.