2023-12-05 17:00:22 +00:00
{
"id" : "CVE-2023-44297" ,
"sourceIdentifier" : "security_alert@emc.com" ,
"published" : "2023-12-05T16:15:07.097" ,
2023-12-12 03:00:29 +00:00
"lastModified" : "2023-12-12T00:55:40.877" ,
"vulnStatus" : "Analyzed" ,
2024-07-14 02:06:08 +00:00
"cveTags" : [ ] ,
2023-12-05 17:00:22 +00:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "\nDell PowerEdge platforms 16G Intel E5 BIOS and Dell Precision BIOS, version 1.4.4, contain active debug code security vulnerability. An unauthenticated physical attacker could potentially exploit this vulnerability, leading to information disclosure, information tampering, code execution, denial of service.\n\n"
2023-12-12 03:00:29 +00:00
} ,
{
"lang" : "es" ,
"value" : "Las plataformas Dell PowerEdge 16G Intel E5 BIOS y Dell Precision BIOS, versi\u00f3n 1.4.4, contienen una vulnerabilidad de seguridad de c\u00f3digo de depuraci\u00f3n activa. Un atacante f\u00edsico no autenticado podr\u00eda explotar esta vulnerabilidad, lo que provocar\u00eda la divulgaci\u00f3n de informaci\u00f3n, la manipulaci\u00f3n de informaci\u00f3n, la ejecuci\u00f3n de c\u00f3digo y la denegaci\u00f3n de servicio."
2023-12-05 17:00:22 +00:00
}
] ,
"metrics" : {
"cvssMetricV31" : [
2023-12-12 03:00:29 +00:00
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" ,
"attackVector" : "PHYSICAL" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "NONE" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "HIGH" ,
"integrityImpact" : "HIGH" ,
"availabilityImpact" : "HIGH" ,
"baseScore" : 6.8 ,
"baseSeverity" : "MEDIUM"
} ,
"exploitabilityScore" : 0.9 ,
"impactScore" : 5.9
} ,
2023-12-05 17:00:22 +00:00
{
"source" : "security_alert@emc.com" ,
"type" : "Secondary" ,
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L" ,
"attackVector" : "PHYSICAL" ,
"attackComplexity" : "HIGH" ,
"privilegesRequired" : "NONE" ,
"userInteraction" : "NONE" ,
"scope" : "CHANGED" ,
"confidentialityImpact" : "HIGH" ,
"integrityImpact" : "HIGH" ,
"availabilityImpact" : "LOW" ,
"baseScore" : 7.1 ,
"baseSeverity" : "HIGH"
} ,
"exploitabilityScore" : 0.5 ,
"impactScore" : 6.0
}
]
} ,
"weaknesses" : [
2023-12-12 03:00:29 +00:00
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-667"
}
]
} ,
2023-12-05 17:00:22 +00:00
{
"source" : "security_alert@emc.com" ,
"type" : "Secondary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-1234"
}
]
}
] ,
2023-12-12 03:00:29 +00:00
"configurations" : [
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:dell:poweredge_r660:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "86AC134C-EFB7-46B8-B60F-5BD2663D7168"
2023-12-12 03:00:29 +00:00
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:dell:poweredge_r660_firmware:1.4.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A9F11A33-BA61-4554-A0B2-8F789EA8BE3C"
2023-12-12 03:00:29 +00:00
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:dell:poweredge_r760:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "89E8485C-4298-4DA0-95AD-50C21BC2C798"
2023-12-12 03:00:29 +00:00
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:dell:poweredge_r760_firmware:1.4.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "C301E8C7-01F7-4CBE-8666-74C0FD0BD58E"
2023-12-12 03:00:29 +00:00
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:dell:poweredge_c6620:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "D360EB7D-5AB4-483C-BF00-53473B2D8AF4"
2023-12-12 03:00:29 +00:00
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:dell:poweredge_c6620_firmware:1.4.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "18D7C139-E796-4361-9FE6-530D154D7062"
2023-12-12 03:00:29 +00:00
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:dell:poweredge_mx760c:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2670A942-4200-46F2-A4FC-6D2F0E2074B9"
2023-12-12 03:00:29 +00:00
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:dell:poweredge_mx760c_firmware:1.4.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "65443057-DC40-47A6-B739-E5984B7AEC43"
2023-12-12 03:00:29 +00:00
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:dell:poweredge_r860:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B53D6488-A6E3-4505-8093-8232DC4219BD"
2023-12-12 03:00:29 +00:00
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:dell:poweredge_r860_firmware:1.4.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "1AC33C77-1C2C-4E44-A60F-14AE343666F8"
2023-12-12 03:00:29 +00:00
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:dell:poweredge_r960:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "D5B42153-ED7B-433A-9070-9CAC972322BA"
2023-12-12 03:00:29 +00:00
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:dell:poweredge_r960_firmware:1.4.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "9881FD7F-DA34-47F2-840B-929226E0D1CC"
2023-12-12 03:00:29 +00:00
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:dell:poweredge_hs5610_firmware:1.4.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2B1E8504-EF8A-47D0-9762-5E944DD1ECDF"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:dell:poweredge_hs5610:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "08A9C14A-7D1A-4724-BBBD-62FC4C66FCE1"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:dell:poweredge_hs5620_firmware:1.4.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "29F3D281-2810-4663-BD0F-F4EA67B1A321"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:dell:poweredge_hs5620:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "447BE381-9C9B-4339-B308-71D90DB60294"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:dell:poweredge_r660xs_firmware:1.4.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "1E9ADAB6-42D2-44DE-8C0C-6DC4166DA705"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:dell:poweredge_r660xs:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "17FF7F29-F169-49B5-BEBA-6F20E3CDF1E6"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:dell:poweredge_r760xs_firmware:1.4.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A99A3EEE-20D7-4E99-98FE-99012DA2393B"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:dell:poweredge_r760xs:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B3364A3E-BA9B-4588-89E5-A2C6C17B5D97"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:dell:poweredge_r760xd2_firmware:1.4.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "D5992CD2-83BA-4941-B3FF-42144036325E"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:dell:poweredge_r760xd2:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B21CBCD8-266A-4BCD-933D-2EF5F479B119"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:dell:poweredge_t560_firmware:1.4.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "033EB4DA-6B83-436C-AD42-63605EED7324"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:dell:poweredge_t560:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "D4A86D53-1352-48FB-A26A-C898B2C6425E"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:dell:poweredge_r760xa_firmware:1.4.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "3310CC98-2D26-42EF-8E10-13F2EB0D4FDB"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:dell:poweredge_r760xa:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "62603619-611F-4343-B75E-D45C50D1EA2F"
}
]
}
]
}
] ,
2023-12-05 17:00:22 +00:00
"references" : [
{
"url" : "https://www.dell.com/support/kbdoc/en-us/000220047/dsa-2023-429-security-update-for-dell-16g-poweredge-server-bios-for-a-debug-code-security-vulnerability" ,
2023-12-12 03:00:29 +00:00
"source" : "security_alert@emc.com" ,
"tags" : [
"Vendor Advisory"
]
2023-12-05 17:00:22 +00:00
}
]
}
