Search
Find a vulnerability
Search criteria
10 vulnerabilities found for poweredge_m640_\(pe_vrtx\)_firmware by dell
CVE-2024-0172 (GCVE-0-2024-0172)
Vulnerability from nvd – Published: 2024-04-03 09:09 – Updated: 2024-08-20 20:30
VLAI
Summary
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation.
Severity
7.9 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.dell.com/support/kbdoc/en-us/00022372… | vendor-advisory |
Impacted products
81 products
| Vendor | Product | Version | |
|---|---|---|---|
| Dell | PowerEdge Platform |
Affected:
N/A , < 1.5.6
(semver)
Affected: N/A , < 1.1.3 (semver) Affected: N/A , < 1.1.4 (semver) Affected: N/A , < 1.2.5 (semver) Affected: N/A , < 1.3.6 (semver) Affected: N/A , < 1.4.6 (semver) Affected: N/A , < 1.11.2 (semver) Affected: N/A , < 1.7.3 (semver) Affected: N/A , < 1.12.1 (semver) Affected: N/A , < 2.12.4 (semver) Affected: N/A , < 2.19.1 (semver) Affected: N/A , < 2.19.0 (semver) Affected: N/A , < 2.14.1 (semver) Affected: N/A , < 1.20.0 (semver) |
|
| dell | poweredge_r660_firmware |
Affected:
0 , < 1.5.6
(custom)
cpe:2.3:o:dell:poweredge_r660_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r760_firmware |
Affected:
0 , < 1.5.6
(custom)
cpe:2.3:o:dell:poweredge_r760_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_c6620_firmware |
Affected:
0 , < 1.5.6
(custom)
cpe:2.3:o:dell:poweredge_c6620_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_mx760c_firmware |
Affected:
0 , < 1.5.6
(custom)
cpe:2.3:o:dell:poweredge_mx760c_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r860_firmware |
Affected:
0 , < 1.5.6
(custom)
cpe:2.3:o:dell:poweredge_r860_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r960_firmware |
Affected:
0 , < 1.5.6
(custom)
cpe:2.3:o:dell:poweredge_r960_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_hs5610_firmware |
Affected:
0 , < 1.5.6
(custom)
cpe:2.3:o:dell:poweredge_hs5610_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_hs5620_firmware |
Affected:
0 , < 1.5.6
(custom)
cpe:2.3:o:dell:poweredge_hs5620_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r660xs_firmware |
Affected:
0 , < 1.5.6
(custom)
cpe:2.3:o:dell:poweredge_r660xs_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r760xs_firmware |
Affected:
0 , < 1.5.6
(custom)
cpe:2.3:o:dell:poweredge_r760xs_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r760xd2_firmware |
Affected:
0 , < 1.5.6
(custom)
cpe:2.3:o:dell:poweredge_r760xd2_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_t560_firmware |
Affected:
0 , < 1.5.6
(custom)
cpe:2.3:o:dell:poweredge_t560_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r760xa_firmware |
Affected:
0 , < 1.1.3
(custom)
cpe:2.3:o:dell:poweredge_r760xa_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_xe9680_firmware |
Affected:
0 , < 1.1.3
(custom)
cpe:2.3:o:dell:poweredge_xe9680_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_xr5610_firmware |
Affected:
0 , < 1.1.4
(custom)
cpe:2.3:o:dell:poweredge_xr5610_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_xr8620t_firmware |
Affected:
0 , < 1.1.3
(custom)
cpe:2.3:o:dell:poweredge_xr8620t_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_xr7620_firmware |
Affected:
0 , < 1.5.6
(custom)
cpe:2.3:o:dell:poweredge_xr7620_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_xe8640_firmware |
Affected:
0 , < 1.2.5
(custom)
cpe:2.3:o:dell:poweredge_xe8640_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_xe9640_firmware |
Affected:
0 , < 1.3.6
(custom)
cpe:2.3:o:dell:poweredge_xe9640_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r6615_firmware |
Affected:
0 , < 1.4.6
(custom)
cpe:2.3:o:dell:poweredge_r6615_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r7615_firmware |
Affected:
0 , < 1.4.6
(custom)
cpe:2.3:o:dell:poweredge_r7615_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r6625_firmware |
Affected:
0 , < 1.4.6
(custom)
cpe:2.3:o:dell:poweredge_r6625_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r7625_firmware |
Affected:
0 , < 1.4.6
(custom)
cpe:2.3:o:dell:poweredge_r7625_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r650_firmware |
Affected:
0 , < 1.11.2
(custom)
cpe:2.3:o:dell:poweredge_r650_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r750_firmware |
Affected:
0 , < 1.11.2
(custom)
cpe:2.3:o:dell:poweredge_r750_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r750xa_firmware |
Affected:
0 , < 1.11.2
(custom)
cpe:2.3:o:dell:poweredge_r750xa_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_c6520_firmware |
Affected:
0 , < 1.11.2
(custom)
cpe:2.3:o:dell:poweredge_c6520_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_mx750c_firmware |
Affected:
0 , < 1.11.2
(custom)
cpe:2.3:o:dell:poweredge_mx750c_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r550_firmware |
Affected:
0 , < 1.11.2
(custom)
cpe:2.3:o:dell:poweredge_r550_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r450_firmware |
Affected:
0 , < 1.11.2
(custom)
cpe:2.3:o:dell:poweredge_r450_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r650xs_firmware |
Affected:
0 , < 1.11.2
(custom)
cpe:2.3:o:dell:poweredge_r650xs_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r750xs_firmware |
Affected:
0 , < 1.11.2
(custom)
cpe:2.3:o:dell:poweredge_r750xs_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_t550_firmware |
Affected:
0 , < 1.11.2
(custom)
cpe:2.3:o:dell:poweredge_t550_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_xr11_firmware |
Affected:
0 , < 1.11.2
(custom)
cpe:2.3:o:dell:poweredge_xr11_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_xr12_firmware |
Affected:
0 , < 1.11.2
(custom)
cpe:2.3:o:dell:poweredge_xr12_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_t150_firmware |
Affected:
0 , < 1.7.3
(custom)
cpe:2.3:o:dell:poweredge_t150_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_t350_firmware |
Affected:
0 , < 1.7.3
(custom)
cpe:2.3:o:dell:poweredge_t350_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r250_firmware |
Affected:
0 , < 1.7.3
(custom)
cpe:2.3:o:dell:poweredge_r250_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r350_firmware |
Affected:
0 , < 1.7.3
(custom)
cpe:2.3:o:dell:poweredge_r350_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_xr4510c_firmware |
Affected:
0 , < 1.12.1
(custom)
cpe:2.3:o:dell:poweredge_xr4510c_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_xr4520c_firmware |
Affected:
0 , < 1.12.1
(custom)
cpe:2.3:o:dell:poweredge_xr4520c_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r6515_firmware |
Affected:
0 , < 2.12.4
(custom)
cpe:2.3:o:dell:poweredge_r6515_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r6525_firmware |
Affected:
0 , < 2.12.4
(custom)
cpe:2.3:o:dell:poweredge_r6525_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r7515_firmware |
Affected:
0 , < 2.12.4
(custom)
cpe:2.3:o:dell:poweredge_r7515_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r7525_firmware |
Affected:
0 , < 2.12.4
(custom)
cpe:2.3:o:dell:poweredge_r7525_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_c6525_firmware |
Affected:
0 , < 2.12.4
(custom)
cpe:2.3:o:dell:poweredge_c6525_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_xe8545_firmware |
Affected:
0 , < 2.12.4
(custom)
cpe:2.3:o:dell:poweredge_xe8545_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r740_firmware |
Affected:
0 , < 2.19.1
(custom)
cpe:2.3:o:dell:poweredge_r740_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r740xd_firmware |
Affected:
0 , < 2.19.1
(custom)
cpe:2.3:o:dell:poweredge_r740xd_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r640_firmware |
Affected:
0 , < 2.19.1
(custom)
cpe:2.3:o:dell:poweredge_r640_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r940_firmware |
Affected:
0 , < 2.19.1
(custom)
cpe:2.3:o:dell:poweredge_r940_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r540_firmware |
Affected:
0 , < 2.19.1
(custom)
cpe:2.3:o:dell:poweredge_r540_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r440_firmware |
Affected:
0 , < 2.19.1
(custom)
cpe:2.3:o:dell:poweredge_r440_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_t440_firmware |
Affected:
0 , < 2.19.1
(custom)
cpe:2.3:o:dell:poweredge_t440_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_xr2_firmware |
Affected:
0 , < 2.19.1
(custom)
cpe:2.3:o:dell:poweredge_xr2_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r740xd2_firmware |
Affected:
0 , < 2.19.1
(custom)
cpe:2.3:o:dell:poweredge_r740xd2_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r840_firmware |
Affected:
0 , < 2.19.1
(custom)
cpe:2.3:o:dell:poweredge_r840_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r940xa_firmware |
Affected:
0 , < 2.19.1
(custom)
cpe:2.3:o:dell:poweredge_r940xa_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_t640_firmware |
Affected:
0 , < 2.19.1
(custom)
cpe:2.3:o:dell:poweredge_t640_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_c6420_firmware |
Affected:
0 , < 2.19.1
(custom)
cpe:2.3:o:dell:poweredge_c6420_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_fc640_firmware |
Affected:
0 , < 2.19.1
(custom)
cpe:2.3:o:dell:poweredge_fc640_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_m640_firmware |
Affected:
0 , < 2.19.1
(custom)
cpe:2.3:o:dell:poweredge_m640_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_mx740c_firmware |
Affected:
0 , < 2.19.1
(custom)
cpe:2.3:o:dell:poweredge_mx740c_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_mx840c_firmware |
Affected:
0 , < 2.19.1
(custom)
cpe:2.3:o:dell:poweredge_mx840c_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_c4140_firmware |
Affected:
0 , < 2.19.1
(custom)
cpe:2.3:o:dell:poweredge_c4140_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_xe2420_firmware |
Affected:
0 , < 2.19.0
(custom)
cpe:2.3:o:dell:poweredge_xe2420_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_xe7420_firmware |
Affected:
0 , < 2.19.0
(custom)
cpe:2.3:o:dell:poweredge_xe7420_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_xe7440_firmware |
Affected:
0 , < 2.19.0
(custom)
cpe:2.3:o:dell:poweredge_xe7440_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_t140_firmware |
Affected:
0 , < 2.14.1
(custom)
cpe:2.3:o:dell:poweredge_t140_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_t340_firmware |
Affected:
0 , < 2.14.1
(custom)
cpe:2.3:o:dell:poweredge_t340_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r240_firmware |
Affected:
0 , < 2.14.1
(custom)
cpe:2.3:o:dell:poweredge_r240_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r340_firmware |
Affected:
0 , < 2.14.1
(custom)
cpe:2.3:o:dell:poweredge_r340_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r6415_firmware |
Affected:
0 , < 1.20.0
(custom)
cpe:2.3:o:dell:poweredge_r6415_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r7415_firmware |
Affected:
0 , < 1.20.0
(custom)
cpe:2.3:o:dell:poweredge_r7415_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r7425_firmware |
Affected:
0 , < 1.20.0
(custom)
cpe:2.3:o:dell:poweredge_r7425_firmware:*:*:*:*:*:*:*:* |
|
| dell | emc_storage_nx3240_firmware |
Affected:
0 , < 2.19.1
(custom)
cpe:2.3:o:dell:emc_storage_nx3240_firmware:-:*:*:*:*:*:*:* |
|
| dell | emc_storage_nx3340_firmware |
Affected:
0 , < 2.19.1
(custom)
cpe:2.3:o:dell:emc_storage_nx3340_firmware:-:*:*:*:*:*:*:* |
|
| dell | emc_xc_core_xc450_firmware |
Affected:
0 , < 1.11.2
(custom)
cpe:2.3:o:dell:emc_xc_core_xc450_firmware:*:*:*:*:*:*:*:* |
|
| dell | emc_xc_core_xc650_firmware |
Affected:
0 , < 1.11.2
(custom)
cpe:2.3:o:dell:emc_xc_core_xc650_firmware:*:*:*:*:*:*:*:* |
|
| dell | emc_xc_core_xc750_firmware |
Affected:
0 , < 1.11.2
(custom)
cpe:2.3:o:dell:emc_xc_core_xc750_firmware:*:*:*:*:*:*:*:* |
Date Public
2024-04-02 06:30
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:41:16.006Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000223727/dsa-2024-035-security-update-for-dell-poweredge-server-bios-for-an-improper-privilege-management-security-vulnerability"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r660_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r660_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r760_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r760_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_c6620_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_c6620_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_mx760c_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_mx760c_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r860_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r860_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r960_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r960_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_hs5610_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_hs5610_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_hs5620_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_hs5620_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r660xs_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r660xs_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r760xs_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r760xs_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r760xd2_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r760xd2_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_t560_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_t560_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r760xa_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r760xa_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.1.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xe9680_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xe9680_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.1.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xr5610_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xr5610_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.1.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xr8620t_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xr8620t_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.1.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xr7620_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xr7620_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xe8640_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xe8640_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.2.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xe9640_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xe9640_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.3.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r6615_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r6615_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.4.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r7615_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r7615_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.4.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r6625_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r6625_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.4.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r7625_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r7625_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.4.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r650_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r650_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r750_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r750_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r750xa_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r750xa_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_c6520_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_c6520_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_mx750c_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_mx750c_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r550_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r550_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r450_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r450_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r650xs_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r650xs_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r750xs_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r750xs_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_t550_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_t550_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xr11_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xr11_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xr12_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xr12_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_t150_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_t150_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.7.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_t350_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_t350_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.7.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r250_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r250_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.7.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r350_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r350_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.7.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xr4510c_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xr4510c_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.12.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xr4520c_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xr4520c_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.12.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r6515_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r6515_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.12.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r6525_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r6525_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.12.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r7515_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r7515_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.12.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r7525_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r7525_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.12.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_c6525_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_c6525_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.12.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xe8545_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xe8545_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.12.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r740_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r740_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r740xd_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r740xd_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r640_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r640_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r940_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r940_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r540_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r540_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r440_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r440_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_t440_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_t440_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xr2_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xr2_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r740xd2_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r740xd2_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r840_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r840_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r940xa_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r940xa_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_t640_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_t640_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_c6420_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_c6420_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_fc640_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_fc640_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_m640_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_m640_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_mx740c_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_mx740c_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_mx840c_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_mx840c_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_c4140_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_c4140_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xe2420_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xe2420_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xe7420_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xe7420_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xe7440_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xe7440_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_t140_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_t140_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.14.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_t340_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_t340_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.14.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r240_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r240_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.14.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r340_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r340_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.14.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r6415_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r6415_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.20.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r7415_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r7415_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.20.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r7425_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r7425_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.20.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:emc_storage_nx3240_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "emc_storage_nx3240_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:emc_storage_nx3340_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "emc_storage_nx3340_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:emc_xc_core_xc450_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "emc_xc_core_xc450_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:emc_xc_core_xc650_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "emc_xc_core_xc650_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:emc_xc_core_xc750_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "emc_xc_core_xc750_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0172",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-11T04:01:19.460976Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-20T20:30:48.954Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PowerEdge Platform",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.1.3",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.1.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.2.5",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.3.6",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.4.6",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.11.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.7.3",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.12.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.12.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.19.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.19.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.14.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.20.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-04-02T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation."
}
],
"value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.9,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269: Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-03T09:09:18.449Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000223727/dsa-2024-035-security-update-for-dell-poweredge-server-bios-for-an-improper-privilege-management-security-vulnerability"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2024-0172",
"datePublished": "2024-04-03T09:09:18.449Z",
"dateReserved": "2023-12-14T05:35:36.325Z",
"dateUpdated": "2024-08-20T20:30:48.954Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0173 (GCVE-0-2024-0173)
Vulnerability from nvd – Published: 2024-03-13 16:52 – Updated: 2024-08-01 17:41
VLAI
Summary
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-788 - Access of Memory Location After End of Buffer
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.dell.com/support/kbdoc/en-us/00022289… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Dell | PowerEdge Platform |
Affected:
N/A , < 2.0.0
(semver)
Affected: N/A , < 1.7.6 (semver) Affected: N/A , < 1.7.2 (semver) Affected: N/A , < 1.2.3 (semver) Affected: N/A , < 1.13.2 (semver) Affected: N/A , < 1.14.1 (semver) Affected: N/A , < 1.9.1 (semver) Affected: N/A , < 2.14.1 (semver) Affected: N/A , < 2.21.2 (semver) Affected: N/A , < 2.21.1 (semver) Affected: N/A , < 2.21.0 (semver) Affected: N/A , < 2.16.0 (semver) Affected: N/A , < 2.19.0 (semver) Affected: N/A , < 2.14.0 (semver) Affected: N/A , < 1.19.0 (semver) Affected: N/A , < 2.20.0 (semver) |
Date Public
2024-03-12 06:30
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0173",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-13T20:00:50.556667Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:58:23.919Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:41:16.066Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000222898/dsa-2024-034-security-update-for-dell-poweredge-server-bios-for-an-improper-parameter-initialization-vulnerability"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PowerEdge Platform\t",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.0.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.7.6",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.7.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.2.3",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.13.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.14.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.9.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.14.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.21.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.21.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.21.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.16.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.19.0\u00a0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.14.0\u00a0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.19.0\u00a0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.20.0\u202f\u00a0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dell would like to thank codebreaker1337 for reporting this issue."
}
],
"datePublic": "2024-03-12T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory."
}
],
"value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-788",
"description": "CWE-788: Access of Memory Location After End of Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-13T16:52:21.293Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000222898/dsa-2024-034-security-update-for-dell-poweredge-server-bios-for-an-improper-parameter-initialization-vulnerability"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2024-0173",
"datePublished": "2024-03-13T16:52:21.293Z",
"dateReserved": "2023-12-14T05:35:37.836Z",
"dateUpdated": "2024-08-01T17:41:16.066Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0154 (GCVE-0-2024-0154)
Vulnerability from nvd – Published: 2024-03-13 16:41 – Updated: 2024-08-01 17:41
VLAI
Summary
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-788 - Access of Memory Location After End of Buffer
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.dell.com/support/kbdoc/en-us/00022289… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Dell | PowerEdge Platform |
Affected:
N/A , < 2.0.0
(semver)
Affected: N/A , < 1.7.6 (semver) Affected: N/A , < 1.7.2 (semver) Affected: N/A , < 1.2.3 (semver) Affected: N/A , < 1.13.2 (semver) Affected: N/A , < 1.14.1 (semver) Affected: N/A , < 1.9.1 (semver) Affected: N/A , < 2.14.1 (semver) Affected: N/A , < 2.21.2 (semver) Affected: N/A , < 2.21.1 (semver) Affected: N/A , < 2.21.0 (semver) Affected: N/A , < 2.16.0 (semver) Affected: N/A , < 2.19.0 (semver) Affected: N/A , < 2.14.0 (semver) Affected: N/A , < 1.19.0 (semver) Affected: N/A , < 2.20.0 (semver) |
Date Public
2024-03-12 06:30
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0154",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-13T19:40:48.987776Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:58:45.175Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:41:16.006Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000222898/dsa-2024-034-security-update-for-dell-poweredge-server-bios-for-an-improper-parameter-initialization-vulnerability"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PowerEdge Platform",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.0.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.7.6",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.7.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.2.3",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.13.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.14.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.9.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.14.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.21.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.21.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.21.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.16.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.19.0\u00a0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.14.0\u00a0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.19.0\u00a0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.20.0\u202f",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dell would like to thank codebreaker1337 for reporting this issue."
}
],
"datePublic": "2024-03-12T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory."
}
],
"value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-788",
"description": "CWE-788: Access of Memory Location After End of Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-13T16:41:09.360Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000222898/dsa-2024-034-security-update-for-dell-poweredge-server-bios-for-an-improper-parameter-initialization-vulnerability"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2024-0154",
"datePublished": "2024-03-13T16:41:09.360Z",
"dateReserved": "2023-12-14T05:29:25.760Z",
"dateUpdated": "2024-08-01T17:41:16.006Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0161 (GCVE-0-2024-0161)
Vulnerability from nvd – Published: 2024-03-13 16:04 – Updated: 2024-08-12 13:56
VLAI
Summary
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A local low privileged attacker could potentially exploit this vulnerability leading to arbitrary writes to SMRAM.
Severity
7.2 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.dell.com/support/kbdoc/en-us/00022297… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Dell | PowerEdge Platform |
Affected:
N/A , < 1.1.1
(semver)
Affected: N/A , < 1.13.2 (semver) Affected: N/A , < 1.14.1 (semver) Affected: N/A , < 1.9.1 (semver) Affected: N/A , < 2.21.2 (semver) Affected: N/A , < 2.21.1 (semver) Affected: N/A , < 2.21.0 (semver) Affected: N/A , < 2.19.0 (semver) Affected: N/A , < 2.14.0 (semver) Affected: N/A , < 1.19.0 (semver) Affected: N/A , < 2.20.0 (semver) |
Date Public
2024-03-12 06:30
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:41:15.986Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000222979/dsa-2024-006-security-update-for-dell-poweredge-server-bios-for-an-improper-smm-communication-buffer-verification-vulnerability"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0161",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-12T13:56:13.395413Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-12T13:56:29.418Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PowerEdge Platform",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.1.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.13.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.14.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.9.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.21.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.21.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.21.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.19.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.14.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.19.0\u00a0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.20.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dell would like to thank codebreaker1337 as well as schur of BUPT, Dubhe Lab for reporting this issue."
}
],
"datePublic": "2024-03-12T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A local low privileged attacker could potentially exploit this vulnerability leading to arbitrary writes to SMRAM."
}
],
"value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A local low privileged attacker could potentially exploit this vulnerability leading to arbitrary writes to SMRAM."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-13T16:04:12.678Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000222979/dsa-2024-006-security-update-for-dell-poweredge-server-bios-for-an-improper-smm-communication-buffer-verification-vulnerability"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2024-0161",
"datePublished": "2024-03-13T16:04:12.678Z",
"dateReserved": "2023-12-14T05:30:39.766Z",
"dateUpdated": "2024-08-12T13:56:29.418Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-32460 (GCVE-0-2023-32460)
Vulnerability from nvd – Published: 2023-12-08 05:37 – Updated: 2024-08-02 15:18
VLAI
Summary
Dell PowerEdge BIOS contains an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation.
Severity
8.8 (High)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.dell.com/support/kbdoc/en-us/00021955… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Dell | PowerEdge Platform |
Affected:
Versions prior to 1.6.6
Affected: Versions prior to 1.3.6 Affected: Versions prior to 1.1.2 Affected: Versions prior to 1.12.1 Affected: Versions prior to 1.8.1 Affected: Versions prior to 1.13.3 Affected: Versions prior to 2.13.3 Affected: Versions prior to 2.20.1 Affected: Versions prior to 2.20.0 Affected: Versions prior to 2.15.1 Affected: Versions prior to 1.21.0 Affected: Versions prior to 2.18.1 Affected: Versions prior to 2.13.0 Affected: Versions prior to 2.18.2 Affected: Versions prior to 1.18.1 Affected: Versions prior to 2.19.1 |
Date Public
2023-12-07 06:30
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:18:37.251Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000219550/dsa-2023-361-security-update-for-dell-poweredge-server-bios-for-an-improper-privilege-management-security-vulnerability"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"BIOS"
],
"product": "PowerEdge Platform",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "Versions prior to 1.6.6"
},
{
"status": "affected",
"version": "Versions prior to 1.3.6"
},
{
"status": "affected",
"version": "Versions prior to 1.1.2"
},
{
"status": "affected",
"version": "Versions prior to 1.12.1"
},
{
"status": "affected",
"version": "Versions prior to 1.8.1"
},
{
"status": "affected",
"version": "Versions prior to 1.13.3"
},
{
"status": "affected",
"version": "Versions prior to 2.13.3"
},
{
"status": "affected",
"version": "Versions prior to 2.20.1"
},
{
"status": "affected",
"version": "Versions prior to 2.20.0"
},
{
"status": "affected",
"version": "Versions prior to 2.15.1"
},
{
"status": "affected",
"version": "Versions prior to 1.21.0"
},
{
"status": "affected",
"version": "Versions prior to 2.18.1 "
},
{
"status": "affected",
"version": "Versions prior to 2.13.0\u202f "
},
{
"status": "affected",
"version": "Versions prior to 2.18.2 "
},
{
"status": "affected",
"version": "Versions prior to 1.18.1\u202f "
},
{
"status": "affected",
"version": "Versions prior to 2.19.1\u202f "
}
]
}
],
"datePublic": "2023-12-07T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDell PowerEdge BIOS contains an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation.\u003c/span\u003e\n\n"
}
],
"value": "\nDell PowerEdge BIOS contains an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306: Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-08T05:37:52.680Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000219550/dsa-2023-361-security-update-for-dell-poweredge-server-bios-for-an-improper-privilege-management-security-vulnerability"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2023-32460",
"datePublished": "2023-12-08T05:37:52.680Z",
"dateReserved": "2023-05-09T06:05:24.994Z",
"dateUpdated": "2024-08-02T15:18:37.251Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0172 (GCVE-0-2024-0172)
Vulnerability from cvelistv5 – Published: 2024-04-03 09:09 – Updated: 2024-08-20 20:30
VLAI
Summary
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation.
Severity
7.9 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.dell.com/support/kbdoc/en-us/00022372… | vendor-advisory |
Impacted products
81 products
| Vendor | Product | Version | |
|---|---|---|---|
| Dell | PowerEdge Platform |
Affected:
N/A , < 1.5.6
(semver)
Affected: N/A , < 1.1.3 (semver) Affected: N/A , < 1.1.4 (semver) Affected: N/A , < 1.2.5 (semver) Affected: N/A , < 1.3.6 (semver) Affected: N/A , < 1.4.6 (semver) Affected: N/A , < 1.11.2 (semver) Affected: N/A , < 1.7.3 (semver) Affected: N/A , < 1.12.1 (semver) Affected: N/A , < 2.12.4 (semver) Affected: N/A , < 2.19.1 (semver) Affected: N/A , < 2.19.0 (semver) Affected: N/A , < 2.14.1 (semver) Affected: N/A , < 1.20.0 (semver) |
|
| dell | poweredge_r660_firmware |
Affected:
0 , < 1.5.6
(custom)
cpe:2.3:o:dell:poweredge_r660_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r760_firmware |
Affected:
0 , < 1.5.6
(custom)
cpe:2.3:o:dell:poweredge_r760_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_c6620_firmware |
Affected:
0 , < 1.5.6
(custom)
cpe:2.3:o:dell:poweredge_c6620_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_mx760c_firmware |
Affected:
0 , < 1.5.6
(custom)
cpe:2.3:o:dell:poweredge_mx760c_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r860_firmware |
Affected:
0 , < 1.5.6
(custom)
cpe:2.3:o:dell:poweredge_r860_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r960_firmware |
Affected:
0 , < 1.5.6
(custom)
cpe:2.3:o:dell:poweredge_r960_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_hs5610_firmware |
Affected:
0 , < 1.5.6
(custom)
cpe:2.3:o:dell:poweredge_hs5610_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_hs5620_firmware |
Affected:
0 , < 1.5.6
(custom)
cpe:2.3:o:dell:poweredge_hs5620_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r660xs_firmware |
Affected:
0 , < 1.5.6
(custom)
cpe:2.3:o:dell:poweredge_r660xs_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r760xs_firmware |
Affected:
0 , < 1.5.6
(custom)
cpe:2.3:o:dell:poweredge_r760xs_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r760xd2_firmware |
Affected:
0 , < 1.5.6
(custom)
cpe:2.3:o:dell:poweredge_r760xd2_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_t560_firmware |
Affected:
0 , < 1.5.6
(custom)
cpe:2.3:o:dell:poweredge_t560_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r760xa_firmware |
Affected:
0 , < 1.1.3
(custom)
cpe:2.3:o:dell:poweredge_r760xa_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_xe9680_firmware |
Affected:
0 , < 1.1.3
(custom)
cpe:2.3:o:dell:poweredge_xe9680_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_xr5610_firmware |
Affected:
0 , < 1.1.4
(custom)
cpe:2.3:o:dell:poweredge_xr5610_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_xr8620t_firmware |
Affected:
0 , < 1.1.3
(custom)
cpe:2.3:o:dell:poweredge_xr8620t_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_xr7620_firmware |
Affected:
0 , < 1.5.6
(custom)
cpe:2.3:o:dell:poweredge_xr7620_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_xe8640_firmware |
Affected:
0 , < 1.2.5
(custom)
cpe:2.3:o:dell:poweredge_xe8640_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_xe9640_firmware |
Affected:
0 , < 1.3.6
(custom)
cpe:2.3:o:dell:poweredge_xe9640_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r6615_firmware |
Affected:
0 , < 1.4.6
(custom)
cpe:2.3:o:dell:poweredge_r6615_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r7615_firmware |
Affected:
0 , < 1.4.6
(custom)
cpe:2.3:o:dell:poweredge_r7615_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r6625_firmware |
Affected:
0 , < 1.4.6
(custom)
cpe:2.3:o:dell:poweredge_r6625_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r7625_firmware |
Affected:
0 , < 1.4.6
(custom)
cpe:2.3:o:dell:poweredge_r7625_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r650_firmware |
Affected:
0 , < 1.11.2
(custom)
cpe:2.3:o:dell:poweredge_r650_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r750_firmware |
Affected:
0 , < 1.11.2
(custom)
cpe:2.3:o:dell:poweredge_r750_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r750xa_firmware |
Affected:
0 , < 1.11.2
(custom)
cpe:2.3:o:dell:poweredge_r750xa_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_c6520_firmware |
Affected:
0 , < 1.11.2
(custom)
cpe:2.3:o:dell:poweredge_c6520_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_mx750c_firmware |
Affected:
0 , < 1.11.2
(custom)
cpe:2.3:o:dell:poweredge_mx750c_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r550_firmware |
Affected:
0 , < 1.11.2
(custom)
cpe:2.3:o:dell:poweredge_r550_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r450_firmware |
Affected:
0 , < 1.11.2
(custom)
cpe:2.3:o:dell:poweredge_r450_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r650xs_firmware |
Affected:
0 , < 1.11.2
(custom)
cpe:2.3:o:dell:poweredge_r650xs_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r750xs_firmware |
Affected:
0 , < 1.11.2
(custom)
cpe:2.3:o:dell:poweredge_r750xs_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_t550_firmware |
Affected:
0 , < 1.11.2
(custom)
cpe:2.3:o:dell:poweredge_t550_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_xr11_firmware |
Affected:
0 , < 1.11.2
(custom)
cpe:2.3:o:dell:poweredge_xr11_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_xr12_firmware |
Affected:
0 , < 1.11.2
(custom)
cpe:2.3:o:dell:poweredge_xr12_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_t150_firmware |
Affected:
0 , < 1.7.3
(custom)
cpe:2.3:o:dell:poweredge_t150_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_t350_firmware |
Affected:
0 , < 1.7.3
(custom)
cpe:2.3:o:dell:poweredge_t350_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r250_firmware |
Affected:
0 , < 1.7.3
(custom)
cpe:2.3:o:dell:poweredge_r250_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r350_firmware |
Affected:
0 , < 1.7.3
(custom)
cpe:2.3:o:dell:poweredge_r350_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_xr4510c_firmware |
Affected:
0 , < 1.12.1
(custom)
cpe:2.3:o:dell:poweredge_xr4510c_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_xr4520c_firmware |
Affected:
0 , < 1.12.1
(custom)
cpe:2.3:o:dell:poweredge_xr4520c_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r6515_firmware |
Affected:
0 , < 2.12.4
(custom)
cpe:2.3:o:dell:poweredge_r6515_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r6525_firmware |
Affected:
0 , < 2.12.4
(custom)
cpe:2.3:o:dell:poweredge_r6525_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r7515_firmware |
Affected:
0 , < 2.12.4
(custom)
cpe:2.3:o:dell:poweredge_r7515_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r7525_firmware |
Affected:
0 , < 2.12.4
(custom)
cpe:2.3:o:dell:poweredge_r7525_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_c6525_firmware |
Affected:
0 , < 2.12.4
(custom)
cpe:2.3:o:dell:poweredge_c6525_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_xe8545_firmware |
Affected:
0 , < 2.12.4
(custom)
cpe:2.3:o:dell:poweredge_xe8545_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r740_firmware |
Affected:
0 , < 2.19.1
(custom)
cpe:2.3:o:dell:poweredge_r740_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r740xd_firmware |
Affected:
0 , < 2.19.1
(custom)
cpe:2.3:o:dell:poweredge_r740xd_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r640_firmware |
Affected:
0 , < 2.19.1
(custom)
cpe:2.3:o:dell:poweredge_r640_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r940_firmware |
Affected:
0 , < 2.19.1
(custom)
cpe:2.3:o:dell:poweredge_r940_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r540_firmware |
Affected:
0 , < 2.19.1
(custom)
cpe:2.3:o:dell:poweredge_r540_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r440_firmware |
Affected:
0 , < 2.19.1
(custom)
cpe:2.3:o:dell:poweredge_r440_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_t440_firmware |
Affected:
0 , < 2.19.1
(custom)
cpe:2.3:o:dell:poweredge_t440_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_xr2_firmware |
Affected:
0 , < 2.19.1
(custom)
cpe:2.3:o:dell:poweredge_xr2_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r740xd2_firmware |
Affected:
0 , < 2.19.1
(custom)
cpe:2.3:o:dell:poweredge_r740xd2_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r840_firmware |
Affected:
0 , < 2.19.1
(custom)
cpe:2.3:o:dell:poweredge_r840_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r940xa_firmware |
Affected:
0 , < 2.19.1
(custom)
cpe:2.3:o:dell:poweredge_r940xa_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_t640_firmware |
Affected:
0 , < 2.19.1
(custom)
cpe:2.3:o:dell:poweredge_t640_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_c6420_firmware |
Affected:
0 , < 2.19.1
(custom)
cpe:2.3:o:dell:poweredge_c6420_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_fc640_firmware |
Affected:
0 , < 2.19.1
(custom)
cpe:2.3:o:dell:poweredge_fc640_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_m640_firmware |
Affected:
0 , < 2.19.1
(custom)
cpe:2.3:o:dell:poweredge_m640_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_mx740c_firmware |
Affected:
0 , < 2.19.1
(custom)
cpe:2.3:o:dell:poweredge_mx740c_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_mx840c_firmware |
Affected:
0 , < 2.19.1
(custom)
cpe:2.3:o:dell:poweredge_mx840c_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_c4140_firmware |
Affected:
0 , < 2.19.1
(custom)
cpe:2.3:o:dell:poweredge_c4140_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_xe2420_firmware |
Affected:
0 , < 2.19.0
(custom)
cpe:2.3:o:dell:poweredge_xe2420_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_xe7420_firmware |
Affected:
0 , < 2.19.0
(custom)
cpe:2.3:o:dell:poweredge_xe7420_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_xe7440_firmware |
Affected:
0 , < 2.19.0
(custom)
cpe:2.3:o:dell:poweredge_xe7440_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_t140_firmware |
Affected:
0 , < 2.14.1
(custom)
cpe:2.3:o:dell:poweredge_t140_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_t340_firmware |
Affected:
0 , < 2.14.1
(custom)
cpe:2.3:o:dell:poweredge_t340_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r240_firmware |
Affected:
0 , < 2.14.1
(custom)
cpe:2.3:o:dell:poweredge_r240_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r340_firmware |
Affected:
0 , < 2.14.1
(custom)
cpe:2.3:o:dell:poweredge_r340_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r6415_firmware |
Affected:
0 , < 1.20.0
(custom)
cpe:2.3:o:dell:poweredge_r6415_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r7415_firmware |
Affected:
0 , < 1.20.0
(custom)
cpe:2.3:o:dell:poweredge_r7415_firmware:*:*:*:*:*:*:*:* |
|
| dell | poweredge_r7425_firmware |
Affected:
0 , < 1.20.0
(custom)
cpe:2.3:o:dell:poweredge_r7425_firmware:*:*:*:*:*:*:*:* |
|
| dell | emc_storage_nx3240_firmware |
Affected:
0 , < 2.19.1
(custom)
cpe:2.3:o:dell:emc_storage_nx3240_firmware:-:*:*:*:*:*:*:* |
|
| dell | emc_storage_nx3340_firmware |
Affected:
0 , < 2.19.1
(custom)
cpe:2.3:o:dell:emc_storage_nx3340_firmware:-:*:*:*:*:*:*:* |
|
| dell | emc_xc_core_xc450_firmware |
Affected:
0 , < 1.11.2
(custom)
cpe:2.3:o:dell:emc_xc_core_xc450_firmware:*:*:*:*:*:*:*:* |
|
| dell | emc_xc_core_xc650_firmware |
Affected:
0 , < 1.11.2
(custom)
cpe:2.3:o:dell:emc_xc_core_xc650_firmware:*:*:*:*:*:*:*:* |
|
| dell | emc_xc_core_xc750_firmware |
Affected:
0 , < 1.11.2
(custom)
cpe:2.3:o:dell:emc_xc_core_xc750_firmware:*:*:*:*:*:*:*:* |
Date Public
2024-04-02 06:30
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:41:16.006Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000223727/dsa-2024-035-security-update-for-dell-poweredge-server-bios-for-an-improper-privilege-management-security-vulnerability"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r660_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r660_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r760_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r760_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_c6620_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_c6620_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_mx760c_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_mx760c_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r860_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r860_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r960_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r960_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_hs5610_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_hs5610_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_hs5620_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_hs5620_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r660xs_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r660xs_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r760xs_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r760xs_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r760xd2_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r760xd2_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_t560_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_t560_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r760xa_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r760xa_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.1.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xe9680_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xe9680_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.1.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xr5610_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xr5610_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.1.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xr8620t_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xr8620t_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.1.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xr7620_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xr7620_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xe8640_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xe8640_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.2.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xe9640_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xe9640_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.3.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r6615_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r6615_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.4.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r7615_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r7615_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.4.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r6625_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r6625_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.4.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r7625_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r7625_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.4.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r650_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r650_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r750_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r750_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r750xa_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r750xa_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_c6520_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_c6520_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_mx750c_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_mx750c_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r550_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r550_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r450_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r450_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r650xs_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r650xs_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r750xs_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r750xs_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_t550_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_t550_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xr11_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xr11_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xr12_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xr12_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_t150_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_t150_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.7.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_t350_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_t350_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.7.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r250_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r250_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.7.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r350_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r350_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.7.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xr4510c_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xr4510c_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.12.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xr4520c_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xr4520c_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.12.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r6515_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r6515_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.12.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r6525_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r6525_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.12.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r7515_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r7515_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.12.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r7525_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r7525_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.12.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_c6525_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_c6525_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.12.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xe8545_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xe8545_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.12.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r740_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r740_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r740xd_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r740xd_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r640_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r640_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r940_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r940_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r540_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r540_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r440_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r440_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_t440_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_t440_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xr2_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xr2_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r740xd2_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r740xd2_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r840_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r840_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r940xa_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r940xa_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_t640_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_t640_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_c6420_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_c6420_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_fc640_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_fc640_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_m640_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_m640_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_mx740c_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_mx740c_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_mx840c_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_mx840c_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_c4140_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_c4140_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xe2420_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xe2420_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xe7420_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xe7420_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xe7440_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xe7440_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_t140_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_t140_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.14.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_t340_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_t340_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.14.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r240_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r240_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.14.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r340_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r340_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.14.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r6415_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r6415_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.20.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r7415_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r7415_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.20.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r7425_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r7425_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.20.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:emc_storage_nx3240_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "emc_storage_nx3240_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:emc_storage_nx3340_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "emc_storage_nx3340_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:emc_xc_core_xc450_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "emc_xc_core_xc450_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:emc_xc_core_xc650_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "emc_xc_core_xc650_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:emc_xc_core_xc750_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "emc_xc_core_xc750_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0172",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-11T04:01:19.460976Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-20T20:30:48.954Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PowerEdge Platform",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.1.3",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.1.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.2.5",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.3.6",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.4.6",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.11.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.7.3",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.12.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.12.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.19.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.19.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.14.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.20.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-04-02T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation."
}
],
"value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.9,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269: Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-03T09:09:18.449Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000223727/dsa-2024-035-security-update-for-dell-poweredge-server-bios-for-an-improper-privilege-management-security-vulnerability"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2024-0172",
"datePublished": "2024-04-03T09:09:18.449Z",
"dateReserved": "2023-12-14T05:35:36.325Z",
"dateUpdated": "2024-08-20T20:30:48.954Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0173 (GCVE-0-2024-0173)
Vulnerability from cvelistv5 – Published: 2024-03-13 16:52 – Updated: 2024-08-01 17:41
VLAI
Summary
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-788 - Access of Memory Location After End of Buffer
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.dell.com/support/kbdoc/en-us/00022289… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Dell | PowerEdge Platform |
Affected:
N/A , < 2.0.0
(semver)
Affected: N/A , < 1.7.6 (semver) Affected: N/A , < 1.7.2 (semver) Affected: N/A , < 1.2.3 (semver) Affected: N/A , < 1.13.2 (semver) Affected: N/A , < 1.14.1 (semver) Affected: N/A , < 1.9.1 (semver) Affected: N/A , < 2.14.1 (semver) Affected: N/A , < 2.21.2 (semver) Affected: N/A , < 2.21.1 (semver) Affected: N/A , < 2.21.0 (semver) Affected: N/A , < 2.16.0 (semver) Affected: N/A , < 2.19.0 (semver) Affected: N/A , < 2.14.0 (semver) Affected: N/A , < 1.19.0 (semver) Affected: N/A , < 2.20.0 (semver) |
Date Public
2024-03-12 06:30
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0173",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-13T20:00:50.556667Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:58:23.919Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:41:16.066Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000222898/dsa-2024-034-security-update-for-dell-poweredge-server-bios-for-an-improper-parameter-initialization-vulnerability"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PowerEdge Platform\t",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.0.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.7.6",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.7.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.2.3",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.13.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.14.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.9.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.14.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.21.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.21.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.21.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.16.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.19.0\u00a0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.14.0\u00a0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.19.0\u00a0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.20.0\u202f\u00a0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dell would like to thank codebreaker1337 for reporting this issue."
}
],
"datePublic": "2024-03-12T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory."
}
],
"value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-788",
"description": "CWE-788: Access of Memory Location After End of Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-13T16:52:21.293Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000222898/dsa-2024-034-security-update-for-dell-poweredge-server-bios-for-an-improper-parameter-initialization-vulnerability"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2024-0173",
"datePublished": "2024-03-13T16:52:21.293Z",
"dateReserved": "2023-12-14T05:35:37.836Z",
"dateUpdated": "2024-08-01T17:41:16.066Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0154 (GCVE-0-2024-0154)
Vulnerability from cvelistv5 – Published: 2024-03-13 16:41 – Updated: 2024-08-01 17:41
VLAI
Summary
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-788 - Access of Memory Location After End of Buffer
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.dell.com/support/kbdoc/en-us/00022289… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Dell | PowerEdge Platform |
Affected:
N/A , < 2.0.0
(semver)
Affected: N/A , < 1.7.6 (semver) Affected: N/A , < 1.7.2 (semver) Affected: N/A , < 1.2.3 (semver) Affected: N/A , < 1.13.2 (semver) Affected: N/A , < 1.14.1 (semver) Affected: N/A , < 1.9.1 (semver) Affected: N/A , < 2.14.1 (semver) Affected: N/A , < 2.21.2 (semver) Affected: N/A , < 2.21.1 (semver) Affected: N/A , < 2.21.0 (semver) Affected: N/A , < 2.16.0 (semver) Affected: N/A , < 2.19.0 (semver) Affected: N/A , < 2.14.0 (semver) Affected: N/A , < 1.19.0 (semver) Affected: N/A , < 2.20.0 (semver) |
Date Public
2024-03-12 06:30
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0154",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-13T19:40:48.987776Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:58:45.175Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:41:16.006Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000222898/dsa-2024-034-security-update-for-dell-poweredge-server-bios-for-an-improper-parameter-initialization-vulnerability"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PowerEdge Platform",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.0.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.7.6",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.7.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.2.3",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.13.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.14.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.9.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.14.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.21.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.21.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.21.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.16.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.19.0\u00a0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.14.0\u00a0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.19.0\u00a0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.20.0\u202f",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dell would like to thank codebreaker1337 for reporting this issue."
}
],
"datePublic": "2024-03-12T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory."
}
],
"value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-788",
"description": "CWE-788: Access of Memory Location After End of Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-13T16:41:09.360Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000222898/dsa-2024-034-security-update-for-dell-poweredge-server-bios-for-an-improper-parameter-initialization-vulnerability"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2024-0154",
"datePublished": "2024-03-13T16:41:09.360Z",
"dateReserved": "2023-12-14T05:29:25.760Z",
"dateUpdated": "2024-08-01T17:41:16.006Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0161 (GCVE-0-2024-0161)
Vulnerability from cvelistv5 – Published: 2024-03-13 16:04 – Updated: 2024-08-12 13:56
VLAI
Summary
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A local low privileged attacker could potentially exploit this vulnerability leading to arbitrary writes to SMRAM.
Severity
7.2 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.dell.com/support/kbdoc/en-us/00022297… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Dell | PowerEdge Platform |
Affected:
N/A , < 1.1.1
(semver)
Affected: N/A , < 1.13.2 (semver) Affected: N/A , < 1.14.1 (semver) Affected: N/A , < 1.9.1 (semver) Affected: N/A , < 2.21.2 (semver) Affected: N/A , < 2.21.1 (semver) Affected: N/A , < 2.21.0 (semver) Affected: N/A , < 2.19.0 (semver) Affected: N/A , < 2.14.0 (semver) Affected: N/A , < 1.19.0 (semver) Affected: N/A , < 2.20.0 (semver) |
Date Public
2024-03-12 06:30
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:41:15.986Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000222979/dsa-2024-006-security-update-for-dell-poweredge-server-bios-for-an-improper-smm-communication-buffer-verification-vulnerability"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0161",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-12T13:56:13.395413Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-12T13:56:29.418Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PowerEdge Platform",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.1.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.13.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.14.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.9.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.21.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.21.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.21.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.19.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.14.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.19.0\u00a0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.20.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dell would like to thank codebreaker1337 as well as schur of BUPT, Dubhe Lab for reporting this issue."
}
],
"datePublic": "2024-03-12T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A local low privileged attacker could potentially exploit this vulnerability leading to arbitrary writes to SMRAM."
}
],
"value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A local low privileged attacker could potentially exploit this vulnerability leading to arbitrary writes to SMRAM."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-13T16:04:12.678Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000222979/dsa-2024-006-security-update-for-dell-poweredge-server-bios-for-an-improper-smm-communication-buffer-verification-vulnerability"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2024-0161",
"datePublished": "2024-03-13T16:04:12.678Z",
"dateReserved": "2023-12-14T05:30:39.766Z",
"dateUpdated": "2024-08-12T13:56:29.418Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-32460 (GCVE-0-2023-32460)
Vulnerability from cvelistv5 – Published: 2023-12-08 05:37 – Updated: 2024-08-02 15:18
VLAI
Summary
Dell PowerEdge BIOS contains an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation.
Severity
8.8 (High)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.dell.com/support/kbdoc/en-us/00021955… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Dell | PowerEdge Platform |
Affected:
Versions prior to 1.6.6
Affected: Versions prior to 1.3.6 Affected: Versions prior to 1.1.2 Affected: Versions prior to 1.12.1 Affected: Versions prior to 1.8.1 Affected: Versions prior to 1.13.3 Affected: Versions prior to 2.13.3 Affected: Versions prior to 2.20.1 Affected: Versions prior to 2.20.0 Affected: Versions prior to 2.15.1 Affected: Versions prior to 1.21.0 Affected: Versions prior to 2.18.1 Affected: Versions prior to 2.13.0 Affected: Versions prior to 2.18.2 Affected: Versions prior to 1.18.1 Affected: Versions prior to 2.19.1 |
Date Public
2023-12-07 06:30
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:18:37.251Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000219550/dsa-2023-361-security-update-for-dell-poweredge-server-bios-for-an-improper-privilege-management-security-vulnerability"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"BIOS"
],
"product": "PowerEdge Platform",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "Versions prior to 1.6.6"
},
{
"status": "affected",
"version": "Versions prior to 1.3.6"
},
{
"status": "affected",
"version": "Versions prior to 1.1.2"
},
{
"status": "affected",
"version": "Versions prior to 1.12.1"
},
{
"status": "affected",
"version": "Versions prior to 1.8.1"
},
{
"status": "affected",
"version": "Versions prior to 1.13.3"
},
{
"status": "affected",
"version": "Versions prior to 2.13.3"
},
{
"status": "affected",
"version": "Versions prior to 2.20.1"
},
{
"status": "affected",
"version": "Versions prior to 2.20.0"
},
{
"status": "affected",
"version": "Versions prior to 2.15.1"
},
{
"status": "affected",
"version": "Versions prior to 1.21.0"
},
{
"status": "affected",
"version": "Versions prior to 2.18.1 "
},
{
"status": "affected",
"version": "Versions prior to 2.13.0\u202f "
},
{
"status": "affected",
"version": "Versions prior to 2.18.2 "
},
{
"status": "affected",
"version": "Versions prior to 1.18.1\u202f "
},
{
"status": "affected",
"version": "Versions prior to 2.19.1\u202f "
}
]
}
],
"datePublic": "2023-12-07T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDell PowerEdge BIOS contains an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation.\u003c/span\u003e\n\n"
}
],
"value": "\nDell PowerEdge BIOS contains an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306: Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-08T05:37:52.680Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000219550/dsa-2023-361-security-update-for-dell-poweredge-server-bios-for-an-improper-privilege-management-security-vulnerability"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2023-32460",
"datePublished": "2023-12-08T05:37:52.680Z",
"dateReserved": "2023-05-09T06:05:24.994Z",
"dateUpdated": "2024-08-02T15:18:37.251Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}