Dell PowerEdge platforms 16G Intel E5 BIOS and Dell Precision BIOS, version 1.4.4, contain active debug code security vulnerability. An unauthenticated physical attacker could potentially exploit this vulnerability, leading to information disclosure, information tampering, code execution, denial of service.
References
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
Configuration 4 (hide)
| AND |
|
Configuration 5 (hide)
| AND |
|
Configuration 6 (hide)
| AND |
|
Configuration 7 (hide)
| AND |
|
Configuration 8 (hide)
| AND |
|
Configuration 9 (hide)
| AND |
|
Configuration 10 (hide)
| AND |
|
Configuration 11 (hide)
| AND |
|
Configuration 12 (hide)
| AND |
|
Configuration 13 (hide)
| AND |
|
History
21 Nov 2024, 08:25
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://www.dell.com/support/kbdoc/en-us/000220047/dsa-2023-429-security-update-for-dell-16g-poweredge-server-bios-for-a-debug-code-security-vulnerability - Vendor Advisory | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.1 |
12 Dec 2023, 00:55
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-667 | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.8 |
| References | () https://www.dell.com/support/kbdoc/en-us/000220047/dsa-2023-429-security-update-for-dell-16g-poweredge-server-bios-for-a-debug-code-security-vulnerability - Vendor Advisory | |
| CPE | cpe:2.3:o:dell:poweredge_r760xd2_firmware:1.4.4:*:*:*:*:*:*:* cpe:2.3:h:dell:poweredge_hs5620:-:*:*:*:*:*:*:* cpe:2.3:h:dell:poweredge_r760xd2:-:*:*:*:*:*:*:* cpe:2.3:o:dell:poweredge_r760xa_firmware:1.4.4:*:*:*:*:*:*:* cpe:2.3:h:dell:poweredge_r760xs:-:*:*:*:*:*:*:* cpe:2.3:h:dell:poweredge_t560:-:*:*:*:*:*:*:* cpe:2.3:o:dell:poweredge_r660xs_firmware:1.4.4:*:*:*:*:*:*:* cpe:2.3:h:dell:poweredge_r660xs:-:*:*:*:*:*:*:* cpe:2.3:o:dell:poweredge_r760_firmware:1.4.4:*:*:*:*:*:*:* cpe:2.3:h:dell:poweredge_r760xa:-:*:*:*:*:*:*:* cpe:2.3:o:dell:poweredge_r660_firmware:1.4.4:*:*:*:*:*:*:* cpe:2.3:h:dell:poweredge_r860:-:*:*:*:*:*:*:* cpe:2.3:h:dell:poweredge_c6620:-:*:*:*:*:*:*:* cpe:2.3:o:dell:poweredge_mx760c_firmware:1.4.4:*:*:*:*:*:*:* cpe:2.3:h:dell:poweredge_r660:-:*:*:*:*:*:*:* cpe:2.3:o:dell:poweredge_t560_firmware:1.4.4:*:*:*:*:*:*:* cpe:2.3:o:dell:poweredge_r960_firmware:1.4.4:*:*:*:*:*:*:* cpe:2.3:o:dell:poweredge_hs5610_firmware:1.4.4:*:*:*:*:*:*:* cpe:2.3:o:dell:poweredge_c6620_firmware:1.4.4:*:*:*:*:*:*:* cpe:2.3:o:dell:poweredge_hs5620_firmware:1.4.4:*:*:*:*:*:*:* cpe:2.3:h:dell:poweredge_r760:-:*:*:*:*:*:*:* cpe:2.3:o:dell:poweredge_r860_firmware:1.4.4:*:*:*:*:*:*:* cpe:2.3:h:dell:poweredge_mx760c:-:*:*:*:*:*:*:* cpe:2.3:h:dell:poweredge_r960:-:*:*:*:*:*:*:* cpe:2.3:o:dell:poweredge_r760xs_firmware:1.4.4:*:*:*:*:*:*:* cpe:2.3:h:dell:poweredge_hs5610:-:*:*:*:*:*:*:* |
05 Dec 2023, 16:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-12-05 16:15
Updated : 2024-11-21 08:25
NVD link : CVE-2023-44297
Mitre link : CVE-2023-44297
CVE.ORG link : CVE-2023-44297
JSON object : View
Products Affected
dell
- poweredge_hs5610_firmware
- poweredge_r860_firmware
- poweredge_r760xs
- poweredge_hs5620
- poweredge_t560_firmware
- poweredge_r760xd2
- poweredge_r660_firmware
- poweredge_r960_firmware
- poweredge_mx760c
- poweredge_r660xs
- poweredge_r860
- poweredge_c6620_firmware
- poweredge_mx760c_firmware
- poweredge_r760xs_firmware
- poweredge_r760xa_firmware
- poweredge_r760
- poweredge_r760xa
- poweredge_hs5620_firmware
- poweredge_hs5610
- poweredge_c6620
- poweredge_t560
- poweredge_r660
- poweredge_r760_firmware
- poweredge_r960
- poweredge_r760xd2_firmware
- poweredge_r660xs_firmware