From 121372ce5cfdfc258b406fe8e9599f33be9f620f Mon Sep 17 00:00:00 2001 From: DellEMCProductSecurity Date: Thu, 28 Mar 2019 13:23:23 -0400 Subject: [PATCH] Fixed CVE-2019-3710 --- 2019/3xxx/CVE-2019-3710.json | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/2019/3xxx/CVE-2019-3710.json b/2019/3xxx/CVE-2019-3710.json index 83a885704aa..83cd66ee39f 100644 --- a/2019/3xxx/CVE-2019-3710.json +++ b/2019/3xxx/CVE-2019-3710.json @@ -1,7 +1,7 @@ { "CVE_data_meta": { "ASSIGNER": "secure@dell.com", - "DATE_PUBLIC": "2019-03-18T05:00:00.000Z", + "DATE_PUBLIC": "2019-03-18T05:00:00.000Z" "ID": "CVE-2019-3710", "STATE": "PUBLIC", "TITLE": "DSA-2019-034: Dell Networking OS10 Key Management Error Vulnerability" @@ -17,7 +17,8 @@ "version": { "version_data": [ { - "version_value": "10.4.3.0" + "version_affected": "<", + "version_value": "10.4.3" } ] } @@ -36,7 +37,7 @@ "description_data": [ { "lang": "eng", - "value": "Dell Networking OS10 has been updated to address a vulnerability which may be potentially exploited to compromise the system." + "value": "Dell Networking OS10 versions prior to 10.4.3 contain a vulnerability caused by improper key management. As a result of this vulnerability, authentication and encryption can be bypassed, and an attacker can run arbitrary code with escalated user privileges." } ] }, @@ -65,7 +66,7 @@ "description": [ { "lang": "eng", - "value": "Dell Networking OS10 versions prior to 10.4.3 contain a vulnerability caused by improper key management. As a result of this vulnerability, authentication and encryption can be bypassed, and an attacker can run arbitrary code with escalated user privileges." + "value": "As a result of this vulnerability, authentication and encryption can be bypassed, and an attacker can run arbitrary code with escalated user privileges." } ] }