CVE-2023-32464
https://notcve.org/view.php?id=CVE-2023-32464
Dell VxRail, versions prior to 7.0.450, contain an improper certificate validation vulnerability. A high privileged remote attacker may potentially exploit this vulnerability to carry out a man-in-the-middle attack by supplying a crafted certificate and intercepting the victim's traffic to view or modify a victim’s data in transit. • https://www.dell.com/support/kbdoc/en-us/000213011/dsa-2023-071-dell-vxrail-security-update-for-multiple-third-party-component-vulnerabilities-7-0-450 • CWE-295: Improper Certificate Validation •
CVE-2023-32463
https://notcve.org/view.php?id=CVE-2023-32463
Dell VxRail, version(s) 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to degraded performance and system malfunction. • https://www.dell.com/support/kbdoc/en-us/000214659/dsa-2023-200-security-update-for-dell-vxrail-for-multiple-third-party-component-vulnerabilities • CWE-20: Improper Input Validation •
CVE-2020-5368
https://notcve.org/view.php?id=CVE-2020-5368
Dell EMC VxRail versions 4.7.410 and 4.7.411 contain an improper authentication vulnerability. A remote unauthenticated attacker may exploit this vulnerability to obtain sensitive information in an encrypted form. Dell EMC VxRail versiones 4.7.410 y 4.7.411, contiene una vulnerabilidad de autenticación inapropiada. Un atacante no autenticado remoto puede explotar esta vulnerabilidad para obtener información confidencial en forma cifrada • https://www.dell.com/support/security/en-us/details/544058/DSA-2020-136-Dell-EMC-VxRail-Appliance-Improper-Authentication-Vulnerability • CWE-862: Missing Authorization •