Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-38304

Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.

Published

2024-08-29T11:15:26.187

Last Modified

2024-12-20T14:41:01.273

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 3.8 (LOW)

Weaknesses

Type: Secondary
CWE-788
Type: Primary
NVD-CWE-Other

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	dell	emc_xc_core_xcxr2_firmware	< 2.22.1	Yes
Hardware	dell	emc_xc_core_xcxr2	-	No
Operating System	dell	emc_xc_core_xc940_system_firmware	< 2.22.2	Yes
Hardware	dell	emc_xc_core_xc940_system	-	No
Operating System	dell	emc_xc_core_xc740xd2_firmware	< 2.22.1	Yes
Hardware	dell	emc_xc_core_xc740xd2	-	No
Operating System	dell	emc_xc_core_xc740xd_system_firmware	< 2.22.2	Yes
Hardware	dell	emc_xc_core_xc740xd_system	-	No
Operating System	dell	emc_xc_core_xc640_system_firmware	< 2.22.2	Yes
Hardware	dell	emc_xc_core_xc640_system	-	No
Operating System	dell	emc_xc_core_6420_system_firmware	< 2.22.2	Yes
Hardware	dell	emc_xc_core_6420_system	-	No
Operating System	dell	emc_storage_nx3340_firmware	< 2.22.2	Yes
Hardware	dell	emc_storage_nx3340	-	No
Operating System	dell	emc_storage_nx3240_firmware	< 2.22.2	Yes
Hardware	dell	emc_storage_nx3240	-	No
Operating System	dell	poweredge_xe7440_firmware	< 2.22.2	Yes
Hardware	dell	poweredge_xe7440	-	No
Operating System	dell	poweredge_xe7420_firmware	< 2.22.2	Yes
Hardware	dell	poweredge_xe7420	-	No
Operating System	dell	poweredge_xe2420_firmware	< 2.22.2	Yes
Hardware	dell	poweredge_xe2420	-	No
Operating System	dell	dss_8440_firmware	< 2.22.2	Yes
Hardware	dell	dss_8440	-	No
Operating System	dell	poweredge_c4140_firmware	< 2.22.2	Yes
Hardware	dell	poweredge_c4140	-	No
Operating System	dell	poweredge_mx840c_firmware	< 2.22.1	Yes
Hardware	dell	poweredge_mx840c	-	No
Operating System	dell	poweredge_mx740c_firmware	< 2.22.1	Yes
Hardware	dell	poweredge_mx740c	-	No
Operating System	dell	poweredge_m640_\(for_pe_vrtx\)_firmware	< 2.22.2	Yes
Hardware	dell	poweredge_m640_\(for_pe_vrtx\)	-	No
Operating System	dell	poweredge_m640_firmware	< 2.22.2	Yes
Hardware	dell	poweredge_m640	-	No
Operating System	dell	poweredge_fc640_firmware	< 2.22.2	Yes
Hardware	dell	poweredge_fc640	-	No
Operating System	dell	poweredge_c6420_firmware	< 2.22.2	Yes
Hardware	dell	poweredge_c6420	-	No
Operating System	dell	poweredge_t640_firmware	< 2.22.1	Yes
Hardware	dell	poweredge_t640	-	No
Operating System	dell	poweredge_r940xa_firmware	< 2.22.1	Yes
Hardware	dell	poweredge_r940xa	-	No
Operating System	dell	poweredge_r840_firmware	< 2.22.1	Yes
Hardware	dell	poweredge_r840	-	No
Operating System	dell	poweredge_r740xd2_firmware	< 2.22.1	Yes
Hardware	dell	poweredge_r740xd2	-	No
Operating System	dell	poweredge_xr2_firmware	< 2.22.1	Yes
Hardware	dell	poweredge_xr2	-	No
Operating System	dell	poweredge_t440_firmware	< 2.22.1	Yes
Hardware	dell	poweredge_t440	-	No
Operating System	dell	poweredge_r440_firmware	< 2.22.1	Yes
Hardware	dell	poweredge_r440	-	No
Operating System	dell	poweredge_r540_firmware	< 2.22.1	Yes
Hardware	dell	poweredge_r540	-	No
Operating System	dell	poweredge_r940_firmware	< 2.22.2	Yes
Hardware	dell	poweredge_r940	-	No
Operating System	dell	poweredge_r640_firmware	< 2.22.2	Yes
Hardware	dell	poweredge_r640	-	No
Operating System	dell	poweredge_r740xd_firmware	< 2.22.2	Yes
Hardware	dell	poweredge_r740xd	-	No
Operating System	dell	poweredge_r740_firmware	< 2.22.2	Yes
Hardware	dell	poweredge_r740	-	No

References

https://www.dell.com/support/kbdoc/en-us/000228137/dsa-2024-310-security-update-for-dell-poweredge-server-for-access-of-memory-location-after-end-of-buffer-vulnerability Vendor Advisory ([email protected])