Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-32464

Dell VxRail, versions prior to 7.0.450, contain an improper certificate validation vulnerability. A high privileged remote attacker may potentially exploit this vulnerability to carry out a man-in-the-middle attack by supplying a crafted certificate and intercepting the victim's traffic to view or modify a victim’s data in transit.

Published

2023-06-23T08:15:09.400

Last Modified

2024-11-21T08:03:24.457

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 2.7 (LOW)

Weaknesses

Type: Primary
CWE-295

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	dell	vxrail_d560_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_d560	-	No
Operating System	dell	vxrail_d560f_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_d560f	-	No
Operating System	dell	vxrail_e460_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_e460	-	No
Operating System	dell	vxrail_e560_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_e560	-	No
Operating System	dell	vxrail_e560_vcf_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_e560_vcf	-	No
Operating System	dell	vxrail_e560f_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_e560f	-	No
Operating System	dell	vxrail_e560f_vcf_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_e560f_vcf	-	No
Operating System	dell	vxrail_e560n_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_e560n	-	No
Operating System	dell	vxrail_e560n_vcf_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_e560n_vcf	-	No
Operating System	dell	vxrail_e660_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_e660	-	No
Operating System	dell	vxrail_e660f_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_e660f	-	No
Operating System	dell	vxrail_e660n_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_e660n	-	No
Operating System	dell	vxrail_e665_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_e665	-	No
Operating System	dell	vxrail_e665f_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_e665f	-	No
Operating System	dell	vxrail_e665n_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_e665n	-	No
Operating System	dell	vxrail_g560_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_g560	-	No
Operating System	dell	vxrail_g560_vcf_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_g560_vcf	-	No
Operating System	dell	vxrail_g560f_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_g560f	-	No
Operating System	dell	vxrail_g560f_vcf_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_g560f_vcf	-	No
Operating System	dell	vxrail_p470_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_p470	-	No
Operating System	dell	vxrail_p570_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_p570	-	No
Operating System	dell	vxrail_p570_vcf_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_p570_vcf	-	No
Operating System	dell	vxrail_p570f_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_p570f	-	No
Operating System	dell	vxrail_p570f_vcf_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_p570f_vcf	-	No
Operating System	dell	vxrail_p580n_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_p580n	-	No
Operating System	dell	vxrail_p580n_vcf_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_p580n_vcf	-	No
Operating System	dell	vxrail_p670f_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_p670f	-	No
Operating System	dell	vxrail_p670n_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_p670n	-	No
Operating System	dell	vxrail_p675f_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_p675f	-	No
Operating System	dell	vxrail_p675n_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_p675n	-	No
Operating System	dell	vxrail_s470_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_s470	-	No
Operating System	dell	vxrail_s570_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_s570	-	No
Operating System	dell	vxrail_s570_vcf_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_s570_vcf	-	No
Operating System	dell	vxrail_s670_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_s670	-	No
Operating System	dell	vxrail_v470_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_v470	-	No
Operating System	dell	vxrail_v570_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_v570	-	No
Operating System	dell	vxrail_v570_vcf_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_v570_vcf	-	No
Operating System	dell	vxrail_v570f_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_v570f	-	No
Operating System	dell	vxrail_v570f_vcf_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_v570f_vcf	-	No
Operating System	dell	vxrail_v670f_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_v670f	-	No
Operating System	dell	vxrail_vd-4000r_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_vd-4000r	-	No
Operating System	dell	vxrail_vd-4000w_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_vd-4000w	-	No
Operating System	dell	vxrail_vd-4000z_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_vd-4000z	-	No
Operating System	dell	vxrail_vd-4510c_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_vd-4510c	-	No
Operating System	dell	vxrail_vd-4520c_firmware	< 7.0.450	Yes
Hardware	dell	vxrail_vd-4520c	-	No

References

https://www.dell.com/support/kbdoc/en-us/000213011/dsa-2023-071-dell-vxrail-security-update-for-multiple-third-party-component-vulnerabilities-7-0-450 Vendor Advisory ([email protected])
https://www.dell.com/support/kbdoc/en-us/000213011/dsa-2023-071-dell-vxrail-security-update-for-multiple-third-party-component-vulnerabilities-7-0-450 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)