Search criteria
26 vulnerabilities found for poweredge_mx840c_firmware by dell
CVE-2025-26482 (GCVE-0-2025-26482)
Vulnerability from nvd – Published: 2025-09-25 21:11 – Updated: 2025-09-26 17:39
VLAI?
Summary
Dell PowerEdge Server BIOS and Dell iDRAC9, all versions, contains an Information Disclosure vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information Disclosure.
Severity ?
4.9 (Medium)
CWE
- CWE-1258 - Exposure of Sensitive System Information Due to Uncleared Debug Information
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Dell | PowerEdge R770 |
Affected:
N/A , < 1.2.6
(semver)
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-26482",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-26T17:38:37.455824Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-26T17:39:20.743Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PowerEdge R770",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.2.6",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R670",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.2.6",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R570",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.2.6",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R470",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.2.6",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R6715",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.1.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R7715",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.1.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R6725",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.1.3",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R7725",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.1.3",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R660",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R760",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge C6620",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge MX760c",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R860",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R960",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge HS5610",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge HS5620",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R660xs",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R760xs",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R760xd2",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge T560",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R760xa",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge XE9680",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge XE9680L",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge XR5610",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge XR8610t",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge XR8620t",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge XR7620",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge XE8640",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge XE9640",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge T160",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.0.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge T360",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.0.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R260",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.0.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R360",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.0.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R650",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.16.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R750",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.16.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R750XA",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.16.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge C6520",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.16.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge MX750C",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.16.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R550",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.16.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R450",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.16.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R650XS",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.16.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R750XS",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.16.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge T550",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.16.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge XR11",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.16.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge XR12",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.16.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge XR4510c",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.17.3",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge XR4520c",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.17.3",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge T150",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.11.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge T350",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.11.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R250",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.11.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R350",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.11.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R740",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R740XD",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R640",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R940",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R540",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R440",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge T440",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge XR2",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R740XD2",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R840",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R940XA",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge T640",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge C6420",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge FC640",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge M640",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge M640 (for PE VRTX)",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge MX740C",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge MX840C",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge C4140",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DSS 8440",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge XE2420",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge XE7420",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge XE7440",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge T140",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.18.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge T340",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.18.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R240",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.18.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R340",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.18.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Dell EMC Storage NX3240",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Dell EMC Storage NX3340",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Dell EMC NX440",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.18.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Dell XC Core XC660",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Dell XC Core XC760",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Dell XC Core XC660xs",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Dell XC Core XC760xa",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Dell EMC XC Core XC450",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.16.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Dell EMC XC Core XC650",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.16.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Dell EMC XC Core XC750",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.16.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Dell EMC XC Core XC750xa",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.16.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Dell EMC XC Core XC6520",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.16.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Dell EMC XC Core 6420 System",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Dell EMC XC Core XC640 System",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Dell EMC XC Core XC740xd System",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Dell EMC XC Core XC740xd2",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Dell EMC XC Core XC940 System",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Dell EMC XC Core XCXR2",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R6615",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R7615",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R6625",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R7625",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge C6615",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.6.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R6515",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.18.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R6525",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.18.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R7515",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.18.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R7525",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.18.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge C6525",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.18.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge XE8545",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.17.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Dell EMC XC Core XC7525",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.18.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Dell XC Core XC7625",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R6415",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.25.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R7415",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.25.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R7425",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.25.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "iDRAC9",
"vendor": "Dell",
"versions": [
{
"lessThan": "7.00.00.181",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "iDRAC9",
"vendor": "Dell",
"versions": [
{
"lessThan": "7.20.10.50",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-09-23T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell PowerEdge Server BIOS and Dell iDRAC9, all versions, contains an Information Disclosure vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information Disclosure."
}
],
"value": "Dell PowerEdge Server BIOS and Dell iDRAC9, all versions, contains an Information Disclosure vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information Disclosure."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1258",
"description": "CWE-1258: Exposure of Sensitive System Information Due to Uncleared Debug Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-25T21:11:43.372Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000370138/dsa-2025-046-security-update-for-dell-poweredge-server-and-dell-idrac9-for-information-disclosure-vulnerability"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2025-26482",
"datePublished": "2025-09-25T21:11:43.372Z",
"dateReserved": "2025-02-11T06:06:12.147Z",
"dateUpdated": "2025-09-26T17:39:20.743Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-38304 (GCVE-0-2024-38304)
Vulnerability from nvd – Published: 2024-08-29 08:03 – Updated: 2024-08-29 13:28
VLAI?
Summary
Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.
Severity ?
CWE
- CWE-788 - Access of Memory Location After End of Buffer
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dell | PowerEdge Platform |
Affected:
N/A , < 2.22.1
(semver)
Affected: N/A , < 2.22.0 (semver) |
Credits
Dell would like to thank codebreaker1337 for reporting this issue.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38304",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-29T13:28:25.124614Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T13:28:35.429Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PowerEdge Platform",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.22.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.22.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dell would like to thank codebreaker1337 for reporting this issue."
}
],
"datePublic": "2024-08-28T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure."
}
],
"value": "Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-788",
"description": "CWE-788: Access of Memory Location After End of Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T08:03:40.261Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000228137/dsa-2024-310-security-update-for-dell-poweredge-server-for-access-of-memory-location-after-end-of-buffer-vulnerability"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2024-38304",
"datePublished": "2024-08-29T08:03:40.261Z",
"dateReserved": "2024-06-13T14:41:01.527Z",
"dateUpdated": "2024-08-29T13:28:35.429Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-38303 (GCVE-0-2024-38303)
Vulnerability from nvd – Published: 2024-08-29 04:34 – Updated: 2024-08-29 13:49
VLAI?
Summary
Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Improper Input Validation vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.
Severity ?
5.3 (Medium)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dell | PowerEdge Platform |
Affected:
N/A , < 2.22.1
(semver)
Affected: N/A , < 2.22.0 (semver) |
Credits
Dell would like to thank codebreaker1337 for reporting this issue.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38303",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-29T13:49:25.085284Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T13:49:36.661Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PowerEdge Platform",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.22.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.22.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dell would like to thank codebreaker1337 for reporting this issue."
}
],
"datePublic": "2024-08-28T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Improper Input Validation vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure."
}
],
"value": "Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Improper Input Validation vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T04:34:53.178Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000228135/dsa-2024-309-security-update-for-dell-poweredge-server-for-improper-input-validation-vulnerability"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2024-38303",
"datePublished": "2024-08-29T04:34:53.178Z",
"dateReserved": "2024-06-13T14:41:01.527Z",
"dateUpdated": "2024-08-29T13:49:36.661Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0172 (GCVE-0-2024-0172)
Vulnerability from nvd – Published: 2024-04-03 09:09 – Updated: 2024-08-20 20:30
VLAI?
Summary
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation.
Severity ?
7.9 (High)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dell | PowerEdge Platform |
Affected:
N/A , < 1.5.6
(semver)
Affected: N/A , < 1.1.3 (semver) Affected: N/A , < 1.1.4 (semver) Affected: N/A , < 1.2.5 (semver) Affected: N/A , < 1.3.6 (semver) Affected: N/A , < 1.4.6 (semver) Affected: N/A , < 1.11.2 (semver) Affected: N/A , < 1.7.3 (semver) Affected: N/A , < 1.12.1 (semver) Affected: N/A , < 2.12.4 (semver) Affected: N/A , < 2.19.1 (semver) Affected: N/A , < 2.19.0 (semver) Affected: N/A , < 2.14.1 (semver) Affected: N/A , < 1.20.0 (semver) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:41:16.006Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000223727/dsa-2024-035-security-update-for-dell-poweredge-server-bios-for-an-improper-privilege-management-security-vulnerability"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r660_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r660_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r760_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r760_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_c6620_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_c6620_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_mx760c_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_mx760c_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r860_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r860_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r960_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r960_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_hs5610_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_hs5610_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_hs5620_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_hs5620_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r660xs_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r660xs_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r760xs_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r760xs_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r760xd2_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r760xd2_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_t560_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_t560_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r760xa_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r760xa_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.1.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xe9680_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xe9680_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.1.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xr5610_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xr5610_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.1.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xr8620t_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xr8620t_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.1.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xr7620_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xr7620_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xe8640_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xe8640_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.2.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xe9640_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xe9640_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.3.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r6615_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r6615_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.4.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r7615_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r7615_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.4.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r6625_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r6625_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.4.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r7625_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r7625_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.4.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r650_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r650_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r750_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r750_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r750xa_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r750xa_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_c6520_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_c6520_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_mx750c_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_mx750c_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r550_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r550_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r450_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r450_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r650xs_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r650xs_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r750xs_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r750xs_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_t550_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_t550_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xr11_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xr11_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xr12_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xr12_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_t150_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_t150_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.7.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_t350_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_t350_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.7.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r250_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r250_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.7.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r350_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r350_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.7.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xr4510c_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xr4510c_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.12.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xr4520c_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xr4520c_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.12.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r6515_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r6515_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.12.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r6525_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r6525_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.12.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r7515_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r7515_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.12.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r7525_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r7525_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.12.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_c6525_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_c6525_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.12.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xe8545_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xe8545_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.12.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r740_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r740_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r740xd_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r740xd_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r640_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r640_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r940_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r940_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r540_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r540_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r440_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r440_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_t440_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_t440_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xr2_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xr2_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r740xd2_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r740xd2_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r840_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r840_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r940xa_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r940xa_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_t640_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_t640_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_c6420_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_c6420_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_fc640_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_fc640_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_m640_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_m640_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_mx740c_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_mx740c_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_mx840c_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_mx840c_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_c4140_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_c4140_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xe2420_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xe2420_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xe7420_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xe7420_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xe7440_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xe7440_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_t140_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_t140_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.14.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_t340_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_t340_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.14.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r240_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r240_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.14.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r340_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r340_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.14.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r6415_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r6415_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.20.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r7415_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r7415_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.20.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r7425_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r7425_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.20.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:emc_storage_nx3240_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "emc_storage_nx3240_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:emc_storage_nx3340_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "emc_storage_nx3340_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:emc_xc_core_xc450_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "emc_xc_core_xc450_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:emc_xc_core_xc650_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "emc_xc_core_xc650_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:emc_xc_core_xc750_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "emc_xc_core_xc750_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0172",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-11T04:01:19.460976Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-20T20:30:48.954Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PowerEdge Platform",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.1.3",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.1.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.2.5",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.3.6",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.4.6",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.11.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.7.3",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.12.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.12.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.19.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.19.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.14.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.20.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-04-02T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation."
}
],
"value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.9,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269: Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-03T09:09:18.449Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000223727/dsa-2024-035-security-update-for-dell-poweredge-server-bios-for-an-improper-privilege-management-security-vulnerability"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2024-0172",
"datePublished": "2024-04-03T09:09:18.449Z",
"dateReserved": "2023-12-14T05:35:36.325Z",
"dateUpdated": "2024-08-20T20:30:48.954Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0173 (GCVE-0-2024-0173)
Vulnerability from nvd – Published: 2024-03-13 16:52 – Updated: 2024-08-01 17:41
VLAI?
Summary
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory.
Severity ?
CWE
- CWE-788 - Access of Memory Location After End of Buffer
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dell | PowerEdge Platform |
Affected:
N/A , < 2.0.0
(semver)
Affected: N/A , < 1.7.6 (semver) Affected: N/A , < 1.7.2 (semver) Affected: N/A , < 1.2.3 (semver) Affected: N/A , < 1.13.2 (semver) Affected: N/A , < 1.14.1 (semver) Affected: N/A , < 1.9.1 (semver) Affected: N/A , < 2.14.1 (semver) Affected: N/A , < 2.21.2 (semver) Affected: N/A , < 2.21.1 (semver) Affected: N/A , < 2.21.0 (semver) Affected: N/A , < 2.16.0 (semver) Affected: N/A , < 2.19.0 (semver) Affected: N/A , < 2.14.0 (semver) Affected: N/A , < 1.19.0 (semver) Affected: N/A , < 2.20.0 (semver) |
Credits
Dell would like to thank codebreaker1337 for reporting this issue.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0173",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-13T20:00:50.556667Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:58:23.919Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:41:16.066Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000222898/dsa-2024-034-security-update-for-dell-poweredge-server-bios-for-an-improper-parameter-initialization-vulnerability"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PowerEdge Platform\t",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.0.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.7.6",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.7.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.2.3",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.13.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.14.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.9.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.14.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.21.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.21.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.21.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.16.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.19.0\u00a0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.14.0\u00a0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.19.0\u00a0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.20.0\u202f\u00a0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dell would like to thank codebreaker1337 for reporting this issue."
}
],
"datePublic": "2024-03-12T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory."
}
],
"value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-788",
"description": "CWE-788: Access of Memory Location After End of Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-13T16:52:21.293Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000222898/dsa-2024-034-security-update-for-dell-poweredge-server-bios-for-an-improper-parameter-initialization-vulnerability"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2024-0173",
"datePublished": "2024-03-13T16:52:21.293Z",
"dateReserved": "2023-12-14T05:35:37.836Z",
"dateUpdated": "2024-08-01T17:41:16.066Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0154 (GCVE-0-2024-0154)
Vulnerability from nvd – Published: 2024-03-13 16:41 – Updated: 2024-08-01 17:41
VLAI?
Summary
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory.
Severity ?
CWE
- CWE-788 - Access of Memory Location After End of Buffer
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dell | PowerEdge Platform |
Affected:
N/A , < 2.0.0
(semver)
Affected: N/A , < 1.7.6 (semver) Affected: N/A , < 1.7.2 (semver) Affected: N/A , < 1.2.3 (semver) Affected: N/A , < 1.13.2 (semver) Affected: N/A , < 1.14.1 (semver) Affected: N/A , < 1.9.1 (semver) Affected: N/A , < 2.14.1 (semver) Affected: N/A , < 2.21.2 (semver) Affected: N/A , < 2.21.1 (semver) Affected: N/A , < 2.21.0 (semver) Affected: N/A , < 2.16.0 (semver) Affected: N/A , < 2.19.0 (semver) Affected: N/A , < 2.14.0 (semver) Affected: N/A , < 1.19.0 (semver) Affected: N/A , < 2.20.0 (semver) |
Credits
Dell would like to thank codebreaker1337 for reporting this issue.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0154",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-13T19:40:48.987776Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:58:45.175Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:41:16.006Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000222898/dsa-2024-034-security-update-for-dell-poweredge-server-bios-for-an-improper-parameter-initialization-vulnerability"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PowerEdge Platform",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.0.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.7.6",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.7.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.2.3",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.13.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.14.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.9.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.14.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.21.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.21.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.21.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.16.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.19.0\u00a0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.14.0\u00a0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.19.0\u00a0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.20.0\u202f",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dell would like to thank codebreaker1337 for reporting this issue."
}
],
"datePublic": "2024-03-12T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory."
}
],
"value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-788",
"description": "CWE-788: Access of Memory Location After End of Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-13T16:41:09.360Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000222898/dsa-2024-034-security-update-for-dell-poweredge-server-bios-for-an-improper-parameter-initialization-vulnerability"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2024-0154",
"datePublished": "2024-03-13T16:41:09.360Z",
"dateReserved": "2023-12-14T05:29:25.760Z",
"dateUpdated": "2024-08-01T17:41:16.006Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0161 (GCVE-0-2024-0161)
Vulnerability from nvd – Published: 2024-03-13 16:04 – Updated: 2024-08-12 13:56
VLAI?
Summary
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A local low privileged attacker could potentially exploit this vulnerability leading to arbitrary writes to SMRAM.
Severity ?
7.2 (High)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dell | PowerEdge Platform |
Affected:
N/A , < 1.1.1
(semver)
Affected: N/A , < 1.13.2 (semver) Affected: N/A , < 1.14.1 (semver) Affected: N/A , < 1.9.1 (semver) Affected: N/A , < 2.21.2 (semver) Affected: N/A , < 2.21.1 (semver) Affected: N/A , < 2.21.0 (semver) Affected: N/A , < 2.19.0 (semver) Affected: N/A , < 2.14.0 (semver) Affected: N/A , < 1.19.0 (semver) Affected: N/A , < 2.20.0 (semver) |
Credits
Dell would like to thank codebreaker1337 as well as schur of BUPT, Dubhe Lab for reporting this issue.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:41:15.986Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000222979/dsa-2024-006-security-update-for-dell-poweredge-server-bios-for-an-improper-smm-communication-buffer-verification-vulnerability"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0161",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-12T13:56:13.395413Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-12T13:56:29.418Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PowerEdge Platform",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.1.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.13.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.14.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.9.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.21.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.21.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.21.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.19.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.14.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.19.0\u00a0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.20.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dell would like to thank codebreaker1337 as well as schur of BUPT, Dubhe Lab for reporting this issue."
}
],
"datePublic": "2024-03-12T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A local low privileged attacker could potentially exploit this vulnerability leading to arbitrary writes to SMRAM."
}
],
"value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A local low privileged attacker could potentially exploit this vulnerability leading to arbitrary writes to SMRAM."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-13T16:04:12.678Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000222979/dsa-2024-006-security-update-for-dell-poweredge-server-bios-for-an-improper-smm-communication-buffer-verification-vulnerability"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2024-0161",
"datePublished": "2024-03-13T16:04:12.678Z",
"dateReserved": "2023-12-14T05:30:39.766Z",
"dateUpdated": "2024-08-12T13:56:29.418Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-32460 (GCVE-0-2023-32460)
Vulnerability from nvd – Published: 2023-12-08 05:37 – Updated: 2024-08-02 15:18
VLAI?
Summary
Dell PowerEdge BIOS contains an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation.
Severity ?
8.8 (High)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dell | PowerEdge Platform |
Affected:
Versions prior to 1.6.6
Affected: Versions prior to 1.3.6 Affected: Versions prior to 1.1.2 Affected: Versions prior to 1.12.1 Affected: Versions prior to 1.8.1 Affected: Versions prior to 1.13.3 Affected: Versions prior to 2.13.3 Affected: Versions prior to 2.20.1 Affected: Versions prior to 2.20.0 Affected: Versions prior to 2.15.1 Affected: Versions prior to 1.21.0 Affected: Versions prior to 2.18.1 Affected: Versions prior to 2.13.0 Affected: Versions prior to 2.18.2 Affected: Versions prior to 1.18.1 Affected: Versions prior to 2.19.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:18:37.251Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000219550/dsa-2023-361-security-update-for-dell-poweredge-server-bios-for-an-improper-privilege-management-security-vulnerability"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"BIOS"
],
"product": "PowerEdge Platform",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "Versions prior to 1.6.6"
},
{
"status": "affected",
"version": "Versions prior to 1.3.6"
},
{
"status": "affected",
"version": "Versions prior to 1.1.2"
},
{
"status": "affected",
"version": "Versions prior to 1.12.1"
},
{
"status": "affected",
"version": "Versions prior to 1.8.1"
},
{
"status": "affected",
"version": "Versions prior to 1.13.3"
},
{
"status": "affected",
"version": "Versions prior to 2.13.3"
},
{
"status": "affected",
"version": "Versions prior to 2.20.1"
},
{
"status": "affected",
"version": "Versions prior to 2.20.0"
},
{
"status": "affected",
"version": "Versions prior to 2.15.1"
},
{
"status": "affected",
"version": "Versions prior to 1.21.0"
},
{
"status": "affected",
"version": "Versions prior to 2.18.1 "
},
{
"status": "affected",
"version": "Versions prior to 2.13.0\u202f "
},
{
"status": "affected",
"version": "Versions prior to 2.18.2 "
},
{
"status": "affected",
"version": "Versions prior to 1.18.1\u202f "
},
{
"status": "affected",
"version": "Versions prior to 2.19.1\u202f "
}
]
}
],
"datePublic": "2023-12-07T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDell PowerEdge BIOS contains an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation.\u003c/span\u003e\n\n"
}
],
"value": "\nDell PowerEdge BIOS contains an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306: Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-08T05:37:52.680Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000219550/dsa-2023-361-security-update-for-dell-poweredge-server-bios-for-an-improper-privilege-management-security-vulnerability"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2023-32460",
"datePublished": "2023-12-08T05:37:52.680Z",
"dateReserved": "2023-05-09T06:05:24.994Z",
"dateUpdated": "2024-08-02T15:18:37.251Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-25537 (GCVE-0-2023-25537)
Vulnerability from nvd – Published: 2023-05-22 10:48 – Updated: 2025-01-21 15:07
VLAI?
Summary
Dell PowerEdge 14G server BIOS versions prior to 2.18.1 and Dell Precision BIOS versions prior to 2.18.2, contain an Out of Bounds write vulnerability. A local attacker with low privileges could potentially exploit this vulnerability leading to exposure of some SMRAM stack/data/code in System Management Mode, leading to arbitrary code execution or escalation of privilege.
Severity ?
6.1 (Medium)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dell | PowerEdge Platform |
Affected:
Versions prior to 2.18.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:25:18.634Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000213550/dsa-2023-098-security-update-for-dell-poweredge-14g-server-bios-for-an-out-of-bounds-write-vulnerability"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-25537",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-21T15:06:34.370163Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-21T15:07:54.481Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"BIOS",
"PowerEdge R740",
"PowerEdge R740XD",
"PowerEdge R640",
"PowerEdge R940",
"PowerEdge R540",
"PowerEdge R440",
"PowerEdge T440",
"PowerEdge XR2",
"PowerEdge R740xD2",
"PowerEdge R840",
"PowerEdge R940xa",
"PowerEdge T640",
"PowerEdge C6420",
"PowerEdge FC640",
"PowerEdge M640",
"PowerEdge M640 (for PE VRTX)",
"PowerEdge MX740c",
"PowerEdge MX840c",
"PowerEdge C4140",
"DSS 8440",
"PowerEdge XE2420",
"PowerEdge XE7420",
"PowerEdge XE7440",
"Dell EMC Storage NX3240",
"Dell EMC Storage NX3340",
"Dell EMC XC Core 6420 System",
"Dell EMC XC Core XC640 System",
"Dell EMC XC Core XC740xd System",
"Dell EMC XC Core XC740xd2",
"Dell EMC XC Core XC940 System",
"Dell EMC XC Core XCXR2"
],
"product": "PowerEdge Platform",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "Versions prior to 2.18.1 "
}
]
}
],
"datePublic": "2023-05-15T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDell PowerEdge 14G server BIOS versions prior to 2.18.1 and Dell Precision BIOS versions prior to 2.18.2, contain an Out of Bounds write vulnerability. A local attacker with low privileges could potentially exploit this vulnerability leading to exposure of some SMRAM stack/data/code in System Management Mode, leading to arbitrary code execution or escalation of privilege.\u003c/span\u003e\n\n"
}
],
"value": "\nDell PowerEdge 14G server BIOS versions prior to 2.18.1 and Dell Precision BIOS versions prior to 2.18.2, contain an Out of Bounds write vulnerability. A local attacker with low privileges could potentially exploit this vulnerability leading to exposure of some SMRAM stack/data/code in System Management Mode, leading to arbitrary code execution or escalation of privilege.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-22T10:48:45.847Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000213550/dsa-2023-098-security-update-for-dell-poweredge-14g-server-bios-for-an-out-of-bounds-write-vulnerability"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2023-25537",
"datePublished": "2023-05-22T10:48:45.847Z",
"dateReserved": "2023-02-07T09:35:27.079Z",
"dateUpdated": "2025-01-21T15:07:54.481Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-21557 (GCVE-0-2021-21557)
Vulnerability from nvd – Published: 2021-06-14 19:10 – Updated: 2024-09-16 17:02
VLAI?
Summary
Dell PowerEdge Server BIOS and select Dell Precision Rack BIOS contain an out-of-bounds array access vulnerability. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of service, arbitrary code execution, or information disclosure in System Management Mode.
Severity ?
8.1 (High)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dell | PowerEdge BIOS Intel 15G |
Affected:
unspecified , < 2.11.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:16:23.041Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/000187958"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PowerEdge BIOS Intel 15G",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.11.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-06-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Dell PowerEdge Server BIOS and select Dell Precision Rack BIOS contain an out-of-bounds array access vulnerability. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of service, arbitrary code execution, or information disclosure in System Management Mode."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-14T19:10:16",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.dell.com/support/kbdoc/000187958"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@dell.com",
"DATE_PUBLIC": "2021-06-08",
"ID": "CVE-2021-21557",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PowerEdge BIOS Intel 15G",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "2.11.2"
}
]
}
}
]
},
"vendor_name": "Dell"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Dell PowerEdge Server BIOS and select Dell Precision Rack BIOS contain an out-of-bounds array access vulnerability. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of service, arbitrary code execution, or information disclosure in System Management Mode."
}
]
},
"impact": {
"cvss": {
"baseScore": 8.1,
"baseSeverity": "High",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20: Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.dell.com/support/kbdoc/000187958",
"refsource": "MISC",
"url": "https://www.dell.com/support/kbdoc/000187958"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2021-21557",
"datePublished": "2021-06-14T19:10:16.639445Z",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-09-16T17:02:41.587Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-21556 (GCVE-0-2021-21556)
Vulnerability from nvd – Published: 2021-06-14 19:10 – Updated: 2024-09-17 01:40
VLAI?
Summary
Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and T640 Server BIOS contain a stack-based buffer overflow vulnerability in systems with NVDIMM-N installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of Service, arbitrary code execution, or information disclosure in UEFI or BIOS Preboot Environment.
Severity ?
6.1 (Medium)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dell | PowerEdge BIOS Intel 15G |
Affected:
unspecified , < 2.11.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:16:23.115Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/000187958"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PowerEdge BIOS Intel 15G",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.11.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-06-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and T640 Server BIOS contain a stack-based buffer overflow vulnerability in systems with NVDIMM-N installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of Service, arbitrary code execution, or information disclosure in UEFI or BIOS Preboot Environment."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-14T19:10:15",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.dell.com/support/kbdoc/000187958"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@dell.com",
"DATE_PUBLIC": "2021-06-08",
"ID": "CVE-2021-21556",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PowerEdge BIOS Intel 15G",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "2.11.2"
}
]
}
}
]
},
"vendor_name": "Dell"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and T640 Server BIOS contain a stack-based buffer overflow vulnerability in systems with NVDIMM-N installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of Service, arbitrary code execution, or information disclosure in UEFI or BIOS Preboot Environment."
}
]
},
"impact": {
"cvss": {
"baseScore": 6.1,
"baseSeverity": "Medium",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121: Stack-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.dell.com/support/kbdoc/000187958",
"refsource": "MISC",
"url": "https://www.dell.com/support/kbdoc/000187958"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2021-21556",
"datePublished": "2021-06-14T19:10:15.963590Z",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-09-17T01:40:39.312Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-21555 (GCVE-0-2021-21555)
Vulnerability from nvd – Published: 2021-06-14 19:10 – Updated: 2024-09-16 22:29
VLAI?
Summary
Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and T640 Server BIOS contain a heap-based buffer overflow vulnerability in systems with NVDIMM-N installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of Service, arbitrary code execution, or information disclosure in UEFI or BIOS Preboot Environment.
Severity ?
6.1 (Medium)
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dell | PowerEdge BIOS Intel 15G |
Affected:
unspecified , < 2.11.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:16:22.970Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/000187958"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PowerEdge BIOS Intel 15G",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.11.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-06-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and T640 Server BIOS contain a heap-based buffer overflow vulnerability in systems with NVDIMM-N installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of Service, arbitrary code execution, or information disclosure in UEFI or BIOS Preboot Environment."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-14T19:10:15",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.dell.com/support/kbdoc/000187958"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@dell.com",
"DATE_PUBLIC": "2021-06-08",
"ID": "CVE-2021-21555",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PowerEdge BIOS Intel 15G",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "2.11.2"
}
]
}
}
]
},
"vendor_name": "Dell"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and T640 Server BIOS contain a heap-based buffer overflow vulnerability in systems with NVDIMM-N installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of Service, arbitrary code execution, or information disclosure in UEFI or BIOS Preboot Environment."
}
]
},
"impact": {
"cvss": {
"baseScore": 6.1,
"baseSeverity": "Medium",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-122: Heap-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.dell.com/support/kbdoc/000187958",
"refsource": "MISC",
"url": "https://www.dell.com/support/kbdoc/000187958"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2021-21555",
"datePublished": "2021-06-14T19:10:15.341153Z",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-09-16T22:29:57.065Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-21554 (GCVE-0-2021-21554)
Vulnerability from nvd – Published: 2021-06-14 19:10 – Updated: 2024-09-16 16:42
VLAI?
Summary
Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and, Dell Precision 7920 Rack Workstation BIOS contain a stack-based buffer overflow vulnerability in systems with Intel Optane DC Persistent Memory installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of Service, arbitrary code execution, or information disclosure in UEFI or BIOS Preboot Environment.
Severity ?
6.1 (Medium)
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dell | PowerEdge BIOS Intel 15G |
Affected:
unspecified , < 2.9.4
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:16:23.043Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/000187958"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PowerEdge BIOS Intel 15G",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.9.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-06-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and, Dell Precision 7920 Rack Workstation BIOS contain a stack-based buffer overflow vulnerability in systems with Intel Optane DC Persistent Memory installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of Service, arbitrary code execution, or information disclosure in UEFI or BIOS Preboot Environment."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-14T19:10:14",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.dell.com/support/kbdoc/000187958"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@dell.com",
"DATE_PUBLIC": "2021-06-08",
"ID": "CVE-2021-21554",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PowerEdge BIOS Intel 15G",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "2.9.4"
}
]
}
}
]
},
"vendor_name": "Dell"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and, Dell Precision 7920 Rack Workstation BIOS contain a stack-based buffer overflow vulnerability in systems with Intel Optane DC Persistent Memory installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of Service, arbitrary code execution, or information disclosure in UEFI or BIOS Preboot Environment."
}
]
},
"impact": {
"cvss": {
"baseScore": 6.1,
"baseSeverity": "Medium",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-122: Heap-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.dell.com/support/kbdoc/000187958",
"refsource": "MISC",
"url": "https://www.dell.com/support/kbdoc/000187958"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2021-21554",
"datePublished": "2021-06-14T19:10:14.618136Z",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-09-16T16:42:32.445Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-26482 (GCVE-0-2025-26482)
Vulnerability from cvelistv5 – Published: 2025-09-25 21:11 – Updated: 2025-09-26 17:39
VLAI?
Summary
Dell PowerEdge Server BIOS and Dell iDRAC9, all versions, contains an Information Disclosure vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information Disclosure.
Severity ?
4.9 (Medium)
CWE
- CWE-1258 - Exposure of Sensitive System Information Due to Uncleared Debug Information
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Dell | PowerEdge R770 |
Affected:
N/A , < 1.2.6
(semver)
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-26482",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-26T17:38:37.455824Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-26T17:39:20.743Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PowerEdge R770",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.2.6",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R670",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.2.6",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R570",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.2.6",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R470",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.2.6",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R6715",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.1.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R7715",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.1.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R6725",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.1.3",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R7725",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.1.3",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R660",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R760",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge C6620",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge MX760c",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R860",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R960",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge HS5610",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge HS5620",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R660xs",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R760xs",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R760xd2",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge T560",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R760xa",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge XE9680",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge XE9680L",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge XR5610",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge XR8610t",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge XR8620t",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge XR7620",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge XE8640",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge XE9640",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge T160",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.0.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge T360",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.0.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R260",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.0.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R360",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.0.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R650",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.16.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R750",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.16.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R750XA",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.16.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge C6520",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.16.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge MX750C",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.16.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R550",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.16.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R450",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.16.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R650XS",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.16.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R750XS",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.16.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge T550",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.16.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge XR11",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.16.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge XR12",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.16.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge XR4510c",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.17.3",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge XR4520c",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.17.3",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge T150",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.11.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge T350",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.11.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R250",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.11.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R350",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.11.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R740",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R740XD",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R640",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R940",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R540",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R440",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge T440",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge XR2",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R740XD2",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R840",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R940XA",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge T640",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge C6420",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge FC640",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge M640",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge M640 (for PE VRTX)",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge MX740C",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge MX840C",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge C4140",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DSS 8440",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge XE2420",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge XE7420",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge XE7440",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge T140",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.18.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge T340",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.18.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R240",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.18.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R340",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.18.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Dell EMC Storage NX3240",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Dell EMC Storage NX3340",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Dell EMC NX440",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.18.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Dell XC Core XC660",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Dell XC Core XC760",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Dell XC Core XC660xs",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Dell XC Core XC760xa",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.5.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Dell EMC XC Core XC450",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.16.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Dell EMC XC Core XC650",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.16.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Dell EMC XC Core XC750",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.16.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Dell EMC XC Core XC750xa",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.16.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Dell EMC XC Core XC6520",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.16.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Dell EMC XC Core 6420 System",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Dell EMC XC Core XC640 System",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Dell EMC XC Core XC740xd System",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Dell EMC XC Core XC740xd2",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Dell EMC XC Core XC940 System",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Dell EMC XC Core XCXR2",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.23.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R6615",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R7615",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R6625",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R7625",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge C6615",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.6.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R6515",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.18.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R6525",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.18.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R7515",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.18.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R7525",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.18.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge C6525",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.18.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge XE8545",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.17.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Dell EMC XC Core XC7525",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.18.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Dell XC Core XC7625",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R6415",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.25.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R7415",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.25.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PowerEdge R7425",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.25.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "iDRAC9",
"vendor": "Dell",
"versions": [
{
"lessThan": "7.00.00.181",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "iDRAC9",
"vendor": "Dell",
"versions": [
{
"lessThan": "7.20.10.50",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-09-23T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell PowerEdge Server BIOS and Dell iDRAC9, all versions, contains an Information Disclosure vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information Disclosure."
}
],
"value": "Dell PowerEdge Server BIOS and Dell iDRAC9, all versions, contains an Information Disclosure vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information Disclosure."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1258",
"description": "CWE-1258: Exposure of Sensitive System Information Due to Uncleared Debug Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-25T21:11:43.372Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000370138/dsa-2025-046-security-update-for-dell-poweredge-server-and-dell-idrac9-for-information-disclosure-vulnerability"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2025-26482",
"datePublished": "2025-09-25T21:11:43.372Z",
"dateReserved": "2025-02-11T06:06:12.147Z",
"dateUpdated": "2025-09-26T17:39:20.743Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-38304 (GCVE-0-2024-38304)
Vulnerability from cvelistv5 – Published: 2024-08-29 08:03 – Updated: 2024-08-29 13:28
VLAI?
Summary
Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.
Severity ?
CWE
- CWE-788 - Access of Memory Location After End of Buffer
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dell | PowerEdge Platform |
Affected:
N/A , < 2.22.1
(semver)
Affected: N/A , < 2.22.0 (semver) |
Credits
Dell would like to thank codebreaker1337 for reporting this issue.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38304",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-29T13:28:25.124614Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T13:28:35.429Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PowerEdge Platform",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.22.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.22.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dell would like to thank codebreaker1337 for reporting this issue."
}
],
"datePublic": "2024-08-28T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure."
}
],
"value": "Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-788",
"description": "CWE-788: Access of Memory Location After End of Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T08:03:40.261Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000228137/dsa-2024-310-security-update-for-dell-poweredge-server-for-access-of-memory-location-after-end-of-buffer-vulnerability"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2024-38304",
"datePublished": "2024-08-29T08:03:40.261Z",
"dateReserved": "2024-06-13T14:41:01.527Z",
"dateUpdated": "2024-08-29T13:28:35.429Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-38303 (GCVE-0-2024-38303)
Vulnerability from cvelistv5 – Published: 2024-08-29 04:34 – Updated: 2024-08-29 13:49
VLAI?
Summary
Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Improper Input Validation vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.
Severity ?
5.3 (Medium)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dell | PowerEdge Platform |
Affected:
N/A , < 2.22.1
(semver)
Affected: N/A , < 2.22.0 (semver) |
Credits
Dell would like to thank codebreaker1337 for reporting this issue.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38303",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-29T13:49:25.085284Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T13:49:36.661Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PowerEdge Platform",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.22.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.22.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dell would like to thank codebreaker1337 for reporting this issue."
}
],
"datePublic": "2024-08-28T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Improper Input Validation vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure."
}
],
"value": "Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Improper Input Validation vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T04:34:53.178Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000228135/dsa-2024-309-security-update-for-dell-poweredge-server-for-improper-input-validation-vulnerability"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2024-38303",
"datePublished": "2024-08-29T04:34:53.178Z",
"dateReserved": "2024-06-13T14:41:01.527Z",
"dateUpdated": "2024-08-29T13:49:36.661Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0172 (GCVE-0-2024-0172)
Vulnerability from cvelistv5 – Published: 2024-04-03 09:09 – Updated: 2024-08-20 20:30
VLAI?
Summary
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation.
Severity ?
7.9 (High)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dell | PowerEdge Platform |
Affected:
N/A , < 1.5.6
(semver)
Affected: N/A , < 1.1.3 (semver) Affected: N/A , < 1.1.4 (semver) Affected: N/A , < 1.2.5 (semver) Affected: N/A , < 1.3.6 (semver) Affected: N/A , < 1.4.6 (semver) Affected: N/A , < 1.11.2 (semver) Affected: N/A , < 1.7.3 (semver) Affected: N/A , < 1.12.1 (semver) Affected: N/A , < 2.12.4 (semver) Affected: N/A , < 2.19.1 (semver) Affected: N/A , < 2.19.0 (semver) Affected: N/A , < 2.14.1 (semver) Affected: N/A , < 1.20.0 (semver) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:41:16.006Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000223727/dsa-2024-035-security-update-for-dell-poweredge-server-bios-for-an-improper-privilege-management-security-vulnerability"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r660_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r660_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r760_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r760_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_c6620_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_c6620_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_mx760c_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_mx760c_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r860_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r860_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r960_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r960_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_hs5610_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_hs5610_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_hs5620_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_hs5620_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r660xs_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r660xs_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r760xs_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r760xs_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r760xd2_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r760xd2_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_t560_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_t560_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r760xa_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r760xa_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.1.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xe9680_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xe9680_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.1.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xr5610_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xr5610_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.1.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xr8620t_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xr8620t_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.1.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xr7620_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xr7620_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xe8640_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xe8640_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.2.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xe9640_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xe9640_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.3.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r6615_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r6615_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.4.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r7615_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r7615_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.4.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r6625_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r6625_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.4.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r7625_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r7625_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.4.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r650_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r650_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r750_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r750_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r750xa_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r750xa_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_c6520_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_c6520_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_mx750c_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_mx750c_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r550_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r550_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r450_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r450_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r650xs_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r650xs_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r750xs_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r750xs_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_t550_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_t550_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xr11_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xr11_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xr12_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xr12_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_t150_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_t150_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.7.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_t350_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_t350_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.7.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r250_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r250_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.7.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r350_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r350_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.7.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xr4510c_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xr4510c_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.12.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xr4520c_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xr4520c_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.12.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r6515_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r6515_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.12.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r6525_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r6525_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.12.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r7515_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r7515_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.12.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r7525_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r7525_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.12.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_c6525_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_c6525_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.12.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xe8545_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xe8545_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.12.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r740_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r740_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r740xd_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r740xd_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r640_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r640_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r940_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r940_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r540_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r540_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r440_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r440_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_t440_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_t440_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xr2_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xr2_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r740xd2_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r740xd2_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r840_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r840_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r940xa_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r940xa_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_t640_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_t640_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_c6420_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_c6420_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_fc640_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_fc640_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_m640_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_m640_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_mx740c_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_mx740c_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_mx840c_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_mx840c_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_c4140_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_c4140_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xe2420_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xe2420_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xe7420_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xe7420_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_xe7440_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_xe7440_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_t140_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_t140_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.14.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_t340_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_t340_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.14.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r240_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r240_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.14.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r340_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r340_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.14.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r6415_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r6415_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.20.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r7415_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r7415_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.20.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:poweredge_r7425_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "poweredge_r7425_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.20.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:emc_storage_nx3240_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "emc_storage_nx3240_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:emc_storage_nx3340_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "emc_storage_nx3340_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "2.19.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:emc_xc_core_xc450_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "emc_xc_core_xc450_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:emc_xc_core_xc650_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "emc_xc_core_xc650_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:dell:emc_xc_core_xc750_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "emc_xc_core_xc750_firmware",
"vendor": "dell",
"versions": [
{
"lessThan": "1.11.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0172",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-11T04:01:19.460976Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-20T20:30:48.954Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PowerEdge Platform",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.5.6",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.1.3",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.1.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.2.5",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.3.6",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.4.6",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.11.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.7.3",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.12.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.12.4",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.19.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.19.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.14.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.20.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-04-02T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation."
}
],
"value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.9,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269: Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-03T09:09:18.449Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000223727/dsa-2024-035-security-update-for-dell-poweredge-server-bios-for-an-improper-privilege-management-security-vulnerability"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2024-0172",
"datePublished": "2024-04-03T09:09:18.449Z",
"dateReserved": "2023-12-14T05:35:36.325Z",
"dateUpdated": "2024-08-20T20:30:48.954Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0173 (GCVE-0-2024-0173)
Vulnerability from cvelistv5 – Published: 2024-03-13 16:52 – Updated: 2024-08-01 17:41
VLAI?
Summary
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory.
Severity ?
CWE
- CWE-788 - Access of Memory Location After End of Buffer
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dell | PowerEdge Platform |
Affected:
N/A , < 2.0.0
(semver)
Affected: N/A , < 1.7.6 (semver) Affected: N/A , < 1.7.2 (semver) Affected: N/A , < 1.2.3 (semver) Affected: N/A , < 1.13.2 (semver) Affected: N/A , < 1.14.1 (semver) Affected: N/A , < 1.9.1 (semver) Affected: N/A , < 2.14.1 (semver) Affected: N/A , < 2.21.2 (semver) Affected: N/A , < 2.21.1 (semver) Affected: N/A , < 2.21.0 (semver) Affected: N/A , < 2.16.0 (semver) Affected: N/A , < 2.19.0 (semver) Affected: N/A , < 2.14.0 (semver) Affected: N/A , < 1.19.0 (semver) Affected: N/A , < 2.20.0 (semver) |
Credits
Dell would like to thank codebreaker1337 for reporting this issue.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0173",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-13T20:00:50.556667Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:58:23.919Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:41:16.066Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000222898/dsa-2024-034-security-update-for-dell-poweredge-server-bios-for-an-improper-parameter-initialization-vulnerability"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PowerEdge Platform\t",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.0.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.7.6",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.7.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.2.3",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.13.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.14.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.9.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.14.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.21.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.21.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.21.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.16.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.19.0\u00a0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.14.0\u00a0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.19.0\u00a0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.20.0\u202f\u00a0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dell would like to thank codebreaker1337 for reporting this issue."
}
],
"datePublic": "2024-03-12T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory."
}
],
"value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-788",
"description": "CWE-788: Access of Memory Location After End of Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-13T16:52:21.293Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000222898/dsa-2024-034-security-update-for-dell-poweredge-server-bios-for-an-improper-parameter-initialization-vulnerability"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2024-0173",
"datePublished": "2024-03-13T16:52:21.293Z",
"dateReserved": "2023-12-14T05:35:37.836Z",
"dateUpdated": "2024-08-01T17:41:16.066Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0154 (GCVE-0-2024-0154)
Vulnerability from cvelistv5 – Published: 2024-03-13 16:41 – Updated: 2024-08-01 17:41
VLAI?
Summary
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory.
Severity ?
CWE
- CWE-788 - Access of Memory Location After End of Buffer
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dell | PowerEdge Platform |
Affected:
N/A , < 2.0.0
(semver)
Affected: N/A , < 1.7.6 (semver) Affected: N/A , < 1.7.2 (semver) Affected: N/A , < 1.2.3 (semver) Affected: N/A , < 1.13.2 (semver) Affected: N/A , < 1.14.1 (semver) Affected: N/A , < 1.9.1 (semver) Affected: N/A , < 2.14.1 (semver) Affected: N/A , < 2.21.2 (semver) Affected: N/A , < 2.21.1 (semver) Affected: N/A , < 2.21.0 (semver) Affected: N/A , < 2.16.0 (semver) Affected: N/A , < 2.19.0 (semver) Affected: N/A , < 2.14.0 (semver) Affected: N/A , < 1.19.0 (semver) Affected: N/A , < 2.20.0 (semver) |
Credits
Dell would like to thank codebreaker1337 for reporting this issue.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0154",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-13T19:40:48.987776Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:58:45.175Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:41:16.006Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000222898/dsa-2024-034-security-update-for-dell-poweredge-server-bios-for-an-improper-parameter-initialization-vulnerability"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PowerEdge Platform",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.0.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.7.6",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.7.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.2.3",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.13.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.14.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.9.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.14.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.21.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.21.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.21.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.16.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.19.0\u00a0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.14.0\u00a0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.19.0\u00a0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.20.0\u202f",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dell would like to thank codebreaker1337 for reporting this issue."
}
],
"datePublic": "2024-03-12T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory."
}
],
"value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-788",
"description": "CWE-788: Access of Memory Location After End of Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-13T16:41:09.360Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000222898/dsa-2024-034-security-update-for-dell-poweredge-server-bios-for-an-improper-parameter-initialization-vulnerability"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2024-0154",
"datePublished": "2024-03-13T16:41:09.360Z",
"dateReserved": "2023-12-14T05:29:25.760Z",
"dateUpdated": "2024-08-01T17:41:16.006Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0161 (GCVE-0-2024-0161)
Vulnerability from cvelistv5 – Published: 2024-03-13 16:04 – Updated: 2024-08-12 13:56
VLAI?
Summary
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A local low privileged attacker could potentially exploit this vulnerability leading to arbitrary writes to SMRAM.
Severity ?
7.2 (High)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dell | PowerEdge Platform |
Affected:
N/A , < 1.1.1
(semver)
Affected: N/A , < 1.13.2 (semver) Affected: N/A , < 1.14.1 (semver) Affected: N/A , < 1.9.1 (semver) Affected: N/A , < 2.21.2 (semver) Affected: N/A , < 2.21.1 (semver) Affected: N/A , < 2.21.0 (semver) Affected: N/A , < 2.19.0 (semver) Affected: N/A , < 2.14.0 (semver) Affected: N/A , < 1.19.0 (semver) Affected: N/A , < 2.20.0 (semver) |
Credits
Dell would like to thank codebreaker1337 as well as schur of BUPT, Dubhe Lab for reporting this issue.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:41:15.986Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000222979/dsa-2024-006-security-update-for-dell-poweredge-server-bios-for-an-improper-smm-communication-buffer-verification-vulnerability"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0161",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-12T13:56:13.395413Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-12T13:56:29.418Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PowerEdge Platform",
"vendor": "Dell",
"versions": [
{
"lessThan": "1.1.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.13.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.14.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.9.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.21.2",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.21.1",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.21.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.19.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.14.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "1.19.0\u00a0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
},
{
"lessThan": "2.20.0",
"status": "affected",
"version": "N/A",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dell would like to thank codebreaker1337 as well as schur of BUPT, Dubhe Lab for reporting this issue."
}
],
"datePublic": "2024-03-12T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A local low privileged attacker could potentially exploit this vulnerability leading to arbitrary writes to SMRAM."
}
],
"value": "Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A local low privileged attacker could potentially exploit this vulnerability leading to arbitrary writes to SMRAM."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-13T16:04:12.678Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000222979/dsa-2024-006-security-update-for-dell-poweredge-server-bios-for-an-improper-smm-communication-buffer-verification-vulnerability"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2024-0161",
"datePublished": "2024-03-13T16:04:12.678Z",
"dateReserved": "2023-12-14T05:30:39.766Z",
"dateUpdated": "2024-08-12T13:56:29.418Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-32460 (GCVE-0-2023-32460)
Vulnerability from cvelistv5 – Published: 2023-12-08 05:37 – Updated: 2024-08-02 15:18
VLAI?
Summary
Dell PowerEdge BIOS contains an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation.
Severity ?
8.8 (High)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dell | PowerEdge Platform |
Affected:
Versions prior to 1.6.6
Affected: Versions prior to 1.3.6 Affected: Versions prior to 1.1.2 Affected: Versions prior to 1.12.1 Affected: Versions prior to 1.8.1 Affected: Versions prior to 1.13.3 Affected: Versions prior to 2.13.3 Affected: Versions prior to 2.20.1 Affected: Versions prior to 2.20.0 Affected: Versions prior to 2.15.1 Affected: Versions prior to 1.21.0 Affected: Versions prior to 2.18.1 Affected: Versions prior to 2.13.0 Affected: Versions prior to 2.18.2 Affected: Versions prior to 1.18.1 Affected: Versions prior to 2.19.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:18:37.251Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000219550/dsa-2023-361-security-update-for-dell-poweredge-server-bios-for-an-improper-privilege-management-security-vulnerability"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"BIOS"
],
"product": "PowerEdge Platform",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "Versions prior to 1.6.6"
},
{
"status": "affected",
"version": "Versions prior to 1.3.6"
},
{
"status": "affected",
"version": "Versions prior to 1.1.2"
},
{
"status": "affected",
"version": "Versions prior to 1.12.1"
},
{
"status": "affected",
"version": "Versions prior to 1.8.1"
},
{
"status": "affected",
"version": "Versions prior to 1.13.3"
},
{
"status": "affected",
"version": "Versions prior to 2.13.3"
},
{
"status": "affected",
"version": "Versions prior to 2.20.1"
},
{
"status": "affected",
"version": "Versions prior to 2.20.0"
},
{
"status": "affected",
"version": "Versions prior to 2.15.1"
},
{
"status": "affected",
"version": "Versions prior to 1.21.0"
},
{
"status": "affected",
"version": "Versions prior to 2.18.1 "
},
{
"status": "affected",
"version": "Versions prior to 2.13.0\u202f "
},
{
"status": "affected",
"version": "Versions prior to 2.18.2 "
},
{
"status": "affected",
"version": "Versions prior to 1.18.1\u202f "
},
{
"status": "affected",
"version": "Versions prior to 2.19.1\u202f "
}
]
}
],
"datePublic": "2023-12-07T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDell PowerEdge BIOS contains an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation.\u003c/span\u003e\n\n"
}
],
"value": "\nDell PowerEdge BIOS contains an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306: Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-08T05:37:52.680Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000219550/dsa-2023-361-security-update-for-dell-poweredge-server-bios-for-an-improper-privilege-management-security-vulnerability"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2023-32460",
"datePublished": "2023-12-08T05:37:52.680Z",
"dateReserved": "2023-05-09T06:05:24.994Z",
"dateUpdated": "2024-08-02T15:18:37.251Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-25537 (GCVE-0-2023-25537)
Vulnerability from cvelistv5 – Published: 2023-05-22 10:48 – Updated: 2025-01-21 15:07
VLAI?
Summary
Dell PowerEdge 14G server BIOS versions prior to 2.18.1 and Dell Precision BIOS versions prior to 2.18.2, contain an Out of Bounds write vulnerability. A local attacker with low privileges could potentially exploit this vulnerability leading to exposure of some SMRAM stack/data/code in System Management Mode, leading to arbitrary code execution or escalation of privilege.
Severity ?
6.1 (Medium)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dell | PowerEdge Platform |
Affected:
Versions prior to 2.18.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:25:18.634Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000213550/dsa-2023-098-security-update-for-dell-poweredge-14g-server-bios-for-an-out-of-bounds-write-vulnerability"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-25537",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-21T15:06:34.370163Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-21T15:07:54.481Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"BIOS",
"PowerEdge R740",
"PowerEdge R740XD",
"PowerEdge R640",
"PowerEdge R940",
"PowerEdge R540",
"PowerEdge R440",
"PowerEdge T440",
"PowerEdge XR2",
"PowerEdge R740xD2",
"PowerEdge R840",
"PowerEdge R940xa",
"PowerEdge T640",
"PowerEdge C6420",
"PowerEdge FC640",
"PowerEdge M640",
"PowerEdge M640 (for PE VRTX)",
"PowerEdge MX740c",
"PowerEdge MX840c",
"PowerEdge C4140",
"DSS 8440",
"PowerEdge XE2420",
"PowerEdge XE7420",
"PowerEdge XE7440",
"Dell EMC Storage NX3240",
"Dell EMC Storage NX3340",
"Dell EMC XC Core 6420 System",
"Dell EMC XC Core XC640 System",
"Dell EMC XC Core XC740xd System",
"Dell EMC XC Core XC740xd2",
"Dell EMC XC Core XC940 System",
"Dell EMC XC Core XCXR2"
],
"product": "PowerEdge Platform",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "Versions prior to 2.18.1 "
}
]
}
],
"datePublic": "2023-05-15T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDell PowerEdge 14G server BIOS versions prior to 2.18.1 and Dell Precision BIOS versions prior to 2.18.2, contain an Out of Bounds write vulnerability. A local attacker with low privileges could potentially exploit this vulnerability leading to exposure of some SMRAM stack/data/code in System Management Mode, leading to arbitrary code execution or escalation of privilege.\u003c/span\u003e\n\n"
}
],
"value": "\nDell PowerEdge 14G server BIOS versions prior to 2.18.1 and Dell Precision BIOS versions prior to 2.18.2, contain an Out of Bounds write vulnerability. A local attacker with low privileges could potentially exploit this vulnerability leading to exposure of some SMRAM stack/data/code in System Management Mode, leading to arbitrary code execution or escalation of privilege.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-22T10:48:45.847Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000213550/dsa-2023-098-security-update-for-dell-poweredge-14g-server-bios-for-an-out-of-bounds-write-vulnerability"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2023-25537",
"datePublished": "2023-05-22T10:48:45.847Z",
"dateReserved": "2023-02-07T09:35:27.079Z",
"dateUpdated": "2025-01-21T15:07:54.481Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-21557 (GCVE-0-2021-21557)
Vulnerability from cvelistv5 – Published: 2021-06-14 19:10 – Updated: 2024-09-16 17:02
VLAI?
Summary
Dell PowerEdge Server BIOS and select Dell Precision Rack BIOS contain an out-of-bounds array access vulnerability. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of service, arbitrary code execution, or information disclosure in System Management Mode.
Severity ?
8.1 (High)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dell | PowerEdge BIOS Intel 15G |
Affected:
unspecified , < 2.11.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:16:23.041Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/000187958"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PowerEdge BIOS Intel 15G",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.11.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-06-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Dell PowerEdge Server BIOS and select Dell Precision Rack BIOS contain an out-of-bounds array access vulnerability. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of service, arbitrary code execution, or information disclosure in System Management Mode."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-14T19:10:16",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.dell.com/support/kbdoc/000187958"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@dell.com",
"DATE_PUBLIC": "2021-06-08",
"ID": "CVE-2021-21557",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PowerEdge BIOS Intel 15G",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "2.11.2"
}
]
}
}
]
},
"vendor_name": "Dell"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Dell PowerEdge Server BIOS and select Dell Precision Rack BIOS contain an out-of-bounds array access vulnerability. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of service, arbitrary code execution, or information disclosure in System Management Mode."
}
]
},
"impact": {
"cvss": {
"baseScore": 8.1,
"baseSeverity": "High",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20: Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.dell.com/support/kbdoc/000187958",
"refsource": "MISC",
"url": "https://www.dell.com/support/kbdoc/000187958"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2021-21557",
"datePublished": "2021-06-14T19:10:16.639445Z",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-09-16T17:02:41.587Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-21556 (GCVE-0-2021-21556)
Vulnerability from cvelistv5 – Published: 2021-06-14 19:10 – Updated: 2024-09-17 01:40
VLAI?
Summary
Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and T640 Server BIOS contain a stack-based buffer overflow vulnerability in systems with NVDIMM-N installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of Service, arbitrary code execution, or information disclosure in UEFI or BIOS Preboot Environment.
Severity ?
6.1 (Medium)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dell | PowerEdge BIOS Intel 15G |
Affected:
unspecified , < 2.11.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:16:23.115Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/000187958"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PowerEdge BIOS Intel 15G",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.11.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-06-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and T640 Server BIOS contain a stack-based buffer overflow vulnerability in systems with NVDIMM-N installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of Service, arbitrary code execution, or information disclosure in UEFI or BIOS Preboot Environment."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-14T19:10:15",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.dell.com/support/kbdoc/000187958"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@dell.com",
"DATE_PUBLIC": "2021-06-08",
"ID": "CVE-2021-21556",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PowerEdge BIOS Intel 15G",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "2.11.2"
}
]
}
}
]
},
"vendor_name": "Dell"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and T640 Server BIOS contain a stack-based buffer overflow vulnerability in systems with NVDIMM-N installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of Service, arbitrary code execution, or information disclosure in UEFI or BIOS Preboot Environment."
}
]
},
"impact": {
"cvss": {
"baseScore": 6.1,
"baseSeverity": "Medium",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121: Stack-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.dell.com/support/kbdoc/000187958",
"refsource": "MISC",
"url": "https://www.dell.com/support/kbdoc/000187958"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2021-21556",
"datePublished": "2021-06-14T19:10:15.963590Z",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-09-17T01:40:39.312Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-21555 (GCVE-0-2021-21555)
Vulnerability from cvelistv5 – Published: 2021-06-14 19:10 – Updated: 2024-09-16 22:29
VLAI?
Summary
Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and T640 Server BIOS contain a heap-based buffer overflow vulnerability in systems with NVDIMM-N installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of Service, arbitrary code execution, or information disclosure in UEFI or BIOS Preboot Environment.
Severity ?
6.1 (Medium)
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dell | PowerEdge BIOS Intel 15G |
Affected:
unspecified , < 2.11.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:16:22.970Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/000187958"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PowerEdge BIOS Intel 15G",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.11.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-06-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and T640 Server BIOS contain a heap-based buffer overflow vulnerability in systems with NVDIMM-N installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of Service, arbitrary code execution, or information disclosure in UEFI or BIOS Preboot Environment."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-14T19:10:15",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.dell.com/support/kbdoc/000187958"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@dell.com",
"DATE_PUBLIC": "2021-06-08",
"ID": "CVE-2021-21555",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PowerEdge BIOS Intel 15G",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "2.11.2"
}
]
}
}
]
},
"vendor_name": "Dell"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and T640 Server BIOS contain a heap-based buffer overflow vulnerability in systems with NVDIMM-N installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of Service, arbitrary code execution, or information disclosure in UEFI or BIOS Preboot Environment."
}
]
},
"impact": {
"cvss": {
"baseScore": 6.1,
"baseSeverity": "Medium",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-122: Heap-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.dell.com/support/kbdoc/000187958",
"refsource": "MISC",
"url": "https://www.dell.com/support/kbdoc/000187958"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2021-21555",
"datePublished": "2021-06-14T19:10:15.341153Z",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-09-16T22:29:57.065Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-21554 (GCVE-0-2021-21554)
Vulnerability from cvelistv5 – Published: 2021-06-14 19:10 – Updated: 2024-09-16 16:42
VLAI?
Summary
Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and, Dell Precision 7920 Rack Workstation BIOS contain a stack-based buffer overflow vulnerability in systems with Intel Optane DC Persistent Memory installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of Service, arbitrary code execution, or information disclosure in UEFI or BIOS Preboot Environment.
Severity ?
6.1 (Medium)
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dell | PowerEdge BIOS Intel 15G |
Affected:
unspecified , < 2.9.4
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:16:23.043Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/000187958"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PowerEdge BIOS Intel 15G",
"vendor": "Dell",
"versions": [
{
"lessThan": "2.9.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-06-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and, Dell Precision 7920 Rack Workstation BIOS contain a stack-based buffer overflow vulnerability in systems with Intel Optane DC Persistent Memory installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of Service, arbitrary code execution, or information disclosure in UEFI or BIOS Preboot Environment."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-14T19:10:14",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.dell.com/support/kbdoc/000187958"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@dell.com",
"DATE_PUBLIC": "2021-06-08",
"ID": "CVE-2021-21554",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PowerEdge BIOS Intel 15G",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "2.9.4"
}
]
}
}
]
},
"vendor_name": "Dell"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and, Dell Precision 7920 Rack Workstation BIOS contain a stack-based buffer overflow vulnerability in systems with Intel Optane DC Persistent Memory installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of Service, arbitrary code execution, or information disclosure in UEFI or BIOS Preboot Environment."
}
]
},
"impact": {
"cvss": {
"baseScore": 6.1,
"baseSeverity": "Medium",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-122: Heap-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.dell.com/support/kbdoc/000187958",
"refsource": "MISC",
"url": "https://www.dell.com/support/kbdoc/000187958"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2021-21554",
"datePublished": "2021-06-14T19:10:14.618136Z",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-09-16T16:42:32.445Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}