CVE-2024-22453
CVSS base score: 6.0
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
Exploitability: 0.8 / Impact: 5.2
Source: NVD
Description
Dell PowerEdge Server BIOS contains a heap-based buffer overflow vulnerability. A local high privileged attacker could potentially exploit this vulnerability to write to otherwise unauthorized memory.
Affected (25)
Products: Dell: Poweredge R730 Firmware, Poweredge R730xd Firmware, Poweredge R630 Firmware, Poweredge C4130 Firmware, Poweredge R930 Firmware, Poweredge M630 Firmware, Poweredge M630 (pe Vrtx) Firmware, Poweredge Fc630 Firmware, Poweredge Fc430 Firmware, Poweredge M830 Firmware, Poweredge M830 (pe Vrtx) Firmware, Poweredge Fc830 Firmware, Poweredge T630 Firmware, Poweredge R530 Firmware, Poweredge R430 Firmware, Poweredge T430 Firmware, Poweredge R830 Firmware, Poweredge C6320 Firmware, Nx3230 Firmware, Nx3330 Firmware, Xc6320 Firmware, Xc430 Firmware, Xc630 Firmware, Xc730 Firmware, Xc730xd Firmware
| Configuration | Affected Versions (Vulnerable Software) | Running on/with | Platform Versions |
|---|---|---|---|
| A | Before 2.19.0 | Dell Poweredge R730 | All versions |
| B | Before 2.19.0 | Dell Poweredge R730xd | All versions |
| C | Before 2.19.0 | Dell Poweredge R630 | All versions |
| D | Before 2.19.0 | Dell Poweredge C4130 | All versions |
| E | Before 2.14.0 | Dell Poweredge R930 | All versions |
| F | Before 2.19.0 | Dell Poweredge M630 | All versions |
| G | Before 2.19.0 | Dell Poweredge M630 (pe Vrtx) | All versions |
| H | Before 2.19.0 | Dell Poweredge Fc630 | All versions |
| I | Before 2.19.0 | Dell Poweredge Fc430 | All versions |
| J | Before 2.19.0 | Dell Poweredge M830 | All versions |
| K | Before 2.19.0 | Dell Poweredge M830 (pe Vrtx) | All versions |
| L | Before 2.19.0 | Dell Poweredge Fc830 | All versions |
| M | Before 2.19.0 | Dell Poweredge T630 | All versions |
| N | Before 2.19.0 | Dell Poweredge R530 | All versions |
| O | Before 2.19.0 | Dell Poweredge R430 | All versions |
| P | Before 2.19.0 | Dell Poweredge T430 | All versions |
| Q | Before 1.19.0 | Dell Poweredge R830 | All versions |
| R | Before 2.19.0 | Dell Poweredge C6320 | All versions |
| S | Before 2.19.0 | Dell Nx3230 | All versions |
| T | Before 2.19.0 | Dell Nx3330 | All versions |
| U | Before 2.19.0 | Dell Xc6320 | All versions |
| V | Before 2.19.0 | Dell Xc430 | All versions |
| W | Before 2.19.0 | Dell Xc630 | All versions |
| X | Before 2.19.0 | Dell Xc730 | All versions |
| Y | Before 2.19.0 | Dell Xc730xd | All versions |
Related CWEs
CWE-122
Heap-based Buffer Overflow
A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
CWE-787
Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.
References (2)
Source: security_alert@emc.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory