3 results (0.003 seconds)

CVSS: 3.3EPSS: 0%CPEs: 90EXPL: 0

CVE-2023-32464

https://notcve.org/view.php?id=CVE-2023-32464

Dell VxRail, versions prior to 7.0.450, contain an improper certificate validation vulnerability. A high privileged remote attacker may potentially exploit this vulnerability to carry out a man-in-the-middle attack by supplying a crafted certificate and intercepting the victim's traffic to view or modify a victim’s data in transit. • https://www.dell.com/support/kbdoc/en-us/000213011/dsa-2023-071-dell-vxrail-security-update-for-multiple-third-party-component-vulnerabilities-7-0-450 • CWE-295: Improper Certificate Validation •

CVSS: 7.5EPSS: 0%CPEs: 90EXPL: 0

CVE-2023-32463

https://notcve.org/view.php?id=CVE-2023-32463

Dell VxRail, version(s) 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to degraded performance and system malfunction. • https://www.dell.com/support/kbdoc/en-us/000214659/dsa-2023-200-security-update-for-dell-vxrail-for-multiple-third-party-component-vulnerabilities • CWE-20: Improper Input Validation •

CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0

CVE-2020-5368

https://notcve.org/view.php?id=CVE-2020-5368

Dell EMC VxRail versions 4.7.410 and 4.7.411 contain an improper authentication vulnerability. A remote unauthenticated attacker may exploit this vulnerability to obtain sensitive information in an encrypted form. Dell EMC VxRail versiones 4.7.410 y 4.7.411, contiene una vulnerabilidad de autenticación inapropiada. Un atacante no autenticado remoto puede explotar esta vulnerabilidad para obtener información confidencial en forma cifrada • https://www.dell.com/support/security/en-us/details/544058/DSA-2020-136-Dell-EMC-VxRail-Appliance-Improper-Authentication-Vulnerability • CWE-862: Missing Authorization •