CVE-2023-32463

Dell VxRail, version(s) 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to degraded performance and system malfunction.

CVSS v3 3.4 LOW

3.4^/10

CVSS v3 : LOW

V3 Legend

Vector :

Exploitability : 0.8 / Impact : 2.5

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://www.dell.com/support/kbdoc/en-us/000214659/dsa-2023-200-security-update-for-dell-vxrail-for-multiple-third-party-component-vulnerabilities	Vendor Advisory
https://www.dell.com/support/kbdoc/en-us/000214659/dsa-2023-200-security-update-for-dell-vxrail-for-multiple-third-party-component-vulnerabilities	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:dell:vxrail_d560_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_d560:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:dell:vxrail_d560f_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_d560f:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:dell:vxrail_e460_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_e460:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:dell:vxrail_e560_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_e560:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:dell:vxrail_e560_vcf_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_e560_vcf:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:dell:vxrail_e560f_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_e560f:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:dell:vxrail_e560f_vcf_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_e560f_vcf:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:dell:vxrail_e560n_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_e560n:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:dell:vxrail_e560n_vcf_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_e560n_vcf:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:dell:vxrail_e660_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_e660:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:dell:vxrail_e660f_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_e660f:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:dell:vxrail_e660n_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_e660n:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:dell:vxrail_e665_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_e665:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:dell:vxrail_e665f_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_e665f:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:dell:vxrail_e665n_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_e665n:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:dell:vxrail_g560_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_g560:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND

cpe:2.3:o:dell:vxrail_g560_vcf_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_g560_vcf:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND

cpe:2.3:o:dell:vxrail_g560f_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_g560f:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND

cpe:2.3:o:dell:vxrail_g560f_vcf_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_g560f_vcf:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND

cpe:2.3:o:dell:vxrail_p470_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_p470:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND

cpe:2.3:o:dell:vxrail_p570_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_p570:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND

cpe:2.3:o:dell:vxrail_p570_vcf_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_p570_vcf:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND

cpe:2.3:o:dell:vxrail_p570f_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_p570f:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND

cpe:2.3:o:dell:vxrail_p570f_vcf_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_p570f_vcf:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND

cpe:2.3:o:dell:vxrail_p580n_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_p580n:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND

cpe:2.3:o:dell:vxrail_p580n_vcf_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_p580n_vcf:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND

cpe:2.3:o:dell:vxrail_p670f_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_p670f:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND

cpe:2.3:o:dell:vxrail_p670n_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_p670n:-:*:*:*:*:*:*:*

Configuration 29 (hide)

AND

cpe:2.3:o:dell:vxrail_p675f_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_p675f:-:*:*:*:*:*:*:*

Configuration 30 (hide)

AND

cpe:2.3:o:dell:vxrail_p675n_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_p675n:-:*:*:*:*:*:*:*

Configuration 31 (hide)

AND

cpe:2.3:o:dell:vxrail_s470_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_s470:-:*:*:*:*:*:*:*

Configuration 32 (hide)

AND

cpe:2.3:o:dell:vxrail_s570_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_s570:-:*:*:*:*:*:*:*

Configuration 33 (hide)

AND

cpe:2.3:o:dell:vxrail_s570_vcf_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_s570_vcf:-:*:*:*:*:*:*:*

Configuration 34 (hide)

AND

cpe:2.3:o:dell:vxrail_s670_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_s670:-:*:*:*:*:*:*:*

Configuration 35 (hide)

AND

cpe:2.3:o:dell:vxrail_v470_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_v470:-:*:*:*:*:*:*:*

Configuration 36 (hide)

AND

cpe:2.3:o:dell:vxrail_v570_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_v570:-:*:*:*:*:*:*:*

Configuration 37 (hide)

AND

cpe:2.3:o:dell:vxrail_v570_vcf_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_v570_vcf:-:*:*:*:*:*:*:*

Configuration 38 (hide)

AND

cpe:2.3:o:dell:vxrail_v570f_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_v570f:-:*:*:*:*:*:*:*

Configuration 39 (hide)

AND

cpe:2.3:o:dell:vxrail_v570f_vcf_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_v570f_vcf:-:*:*:*:*:*:*:*

Configuration 40 (hide)

AND

cpe:2.3:o:dell:vxrail_v670f_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_v670f:-:*:*:*:*:*:*:*

Configuration 41 (hide)

AND

cpe:2.3:o:dell:vxrail_vd-4000r_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_vd-4000r:-:*:*:*:*:*:*:*

Configuration 42 (hide)

AND

cpe:2.3:o:dell:vxrail_vd-4000w_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_vd-4000w:-:*:*:*:*:*:*:*

Configuration 43 (hide)

AND

cpe:2.3:o:dell:vxrail_vd-4000z_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_vd-4000z:-:*:*:*:*:*:*:*

Configuration 44 (hide)

AND

cpe:2.3:o:dell:vxrail_vd-4510c_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_vd-4510c:-:*:*:*:*:*:*:*

Configuration 45 (hide)

AND

cpe:2.3:o:dell:vxrail_vd-4520c_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:dell:vxrail_vd-4520c:-:*:*:*:*:*:*:*

History

21 Nov 2024, 08:03

Type	Values Removed	Values Added
References	~~() https://www.dell.com/support/kbdoc/en-us/000214659/dsa-2023-200-security-update-for-dell-vxrail-for-multiple-third-party-component-vulnerabilities - Vendor Advisory~~	() https://www.dell.com/support/kbdoc/en-us/000214659/dsa-2023-200-security-update-for-dell-vxrail-for-multiple-third-party-component-vulnerabilities - Vendor Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~7.5~~	v2 : unknown v3 : 3.4

05 Jul 2023, 18:33

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-06-23 08:15

Updated : 2024-11-21 08:03

NVD link : CVE-2023-32463

Mitre link : CVE-2023-32463

CVE.ORG link : CVE-2023-32463

JSON object : View

Products Affected

dell

vxrail_p570_vcf_firmware
vxrail_e460_firmware
vxrail_e660f_firmware
vxrail_s670_firmware
vxrail_d560f_firmware
vxrail_e560_firmware
vxrail_e660
vxrail_p580n_firmware
vxrail_s470
vxrail_p570_vcf
vxrail_p670n
vxrail_p670n_firmware
vxrail_vd-4000z_firmware
vxrail_s470_firmware
vxrail_e460
vxrail_p675f_firmware
vxrail_d560_firmware
vxrail_d560f
vxrail_s570
vxrail_e560f_vcf
vxrail_g560f_vcf
vxrail_g560f
vxrail_d560
vxrail_g560f_vcf_firmware
vxrail_s570_vcf
vxrail_p570f_vcf
vxrail_e665n_firmware
vxrail_p580n_vcf
vxrail_e665f_firmware
vxrail_e560n_firmware
vxrail_vd-4000r
vxrail_e560f_firmware
vxrail_g560_vcf
vxrail_e560n_vcf
vxrail_p570_firmware
vxrail_vd-4520c
vxrail_e560_vcf_firmware
vxrail_e560
vxrail_v470_firmware
vxrail_vd-4000w_firmware
vxrail_p570f_firmware
vxrail_vd-4510c
vxrail_e560n_vcf_firmware
vxrail_e665n
vxrail_v570f_vcf_firmware
vxrail_p670f
vxrail_vd-4000r_firmware
vxrail_e560f
vxrail_s570_firmware
vxrail_vd-4510c_firmware
vxrail_p580n
vxrail_p570
vxrail_s670
vxrail_e665
vxrail_e660n
vxrail_v570
vxrail_p670f_firmware
vxrail_e660n_firmware
vxrail_v570f
vxrail_e560f_vcf_firmware
vxrail_v570_vcf
vxrail_vd-4000w
vxrail_p570f_vcf_firmware
vxrail_e560n
vxrail_p675n_firmware
vxrail_e560_vcf
vxrail_e660f
vxrail_p675n
vxrail_e660_firmware
vxrail_e665f
vxrail_p570f
vxrail_g560_vcf_firmware
vxrail_v570f_vcf
vxrail_v670f_firmware
vxrail_g560
vxrail_v570_firmware
vxrail_g560f_firmware
vxrail_p675f
vxrail_v570_vcf_firmware
vxrail_p470
vxrail_v670f
vxrail_v570f_firmware
vxrail_vd-4520c_firmware
vxrail_p470_firmware
vxrail_vd-4000z
vxrail_s570_vcf_firmware
vxrail_e665_firmware
vxrail_p580n_vcf_firmware
vxrail_v470
vxrail_g560_firmware

CWE

CWE-20

Improper Input Validation

NVD-CWE-noinfo

3.4 /10