Dell PowerEdge platforms 16G Intel E5 BIOS and Dell Precision BIOS, version 1.4.4, contain active debug code security vulnerability. An unauthenticated physical attacker could potentially exploit this vulnerability, leading to information tampering, code execution, denial of service.
References
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
Configuration 4 (hide)
| AND |
|
Configuration 5 (hide)
| AND |
|
Configuration 6 (hide)
| AND |
|
Configuration 7 (hide)
| AND |
|
Configuration 8 (hide)
| AND |
|
Configuration 9 (hide)
| AND |
|
Configuration 10 (hide)
| AND |
|
Configuration 11 (hide)
| AND |
|
Configuration 12 (hide)
| AND |
|
Configuration 13 (hide)
| AND |
|
History
21 Nov 2024, 08:25
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 3.6 |
| References | () https://www.dell.com/support/kbdoc/en-us/000220047/dsa-2023-429-security-update-for-dell-16g-poweredge-server-bios-for-a-debug-code-security-vulnerability - Vendor Advisory |
12 Dec 2023, 00:54
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.8 |
| References | () https://www.dell.com/support/kbdoc/en-us/000220047/dsa-2023-429-security-update-for-dell-16g-poweredge-server-bios-for-a-debug-code-security-vulnerability - Vendor Advisory | |
| CWE | CWE-667 | |
| CPE | cpe:2.3:o:dell:poweredge_r760xd2_firmware:1.4.4:*:*:*:*:*:*:* cpe:2.3:h:dell:poweredge_hs5620:-:*:*:*:*:*:*:* cpe:2.3:h:dell:poweredge_r760xd2:-:*:*:*:*:*:*:* cpe:2.3:o:dell:poweredge_r760xa_firmware:1.4.4:*:*:*:*:*:*:* cpe:2.3:h:dell:poweredge_r760xs:-:*:*:*:*:*:*:* cpe:2.3:h:dell:poweredge_t560:-:*:*:*:*:*:*:* cpe:2.3:o:dell:poweredge_r660xs_firmware:1.4.4:*:*:*:*:*:*:* cpe:2.3:h:dell:poweredge_r660xs:-:*:*:*:*:*:*:* cpe:2.3:o:dell:poweredge_r760_firmware:1.4.4:*:*:*:*:*:*:* cpe:2.3:h:dell:poweredge_r760xa:-:*:*:*:*:*:*:* cpe:2.3:o:dell:poweredge_r660_firmware:1.4.4:*:*:*:*:*:*:* cpe:2.3:h:dell:poweredge_r860:-:*:*:*:*:*:*:* cpe:2.3:h:dell:poweredge_c6620:-:*:*:*:*:*:*:* cpe:2.3:o:dell:poweredge_mx760c_firmware:1.4.4:*:*:*:*:*:*:* cpe:2.3:h:dell:poweredge_r660:-:*:*:*:*:*:*:* cpe:2.3:o:dell:poweredge_t560_firmware:1.4.4:*:*:*:*:*:*:* cpe:2.3:o:dell:poweredge_r960_firmware:1.4.4:*:*:*:*:*:*:* cpe:2.3:o:dell:poweredge_hs5610_firmware:1.4.4:*:*:*:*:*:*:* cpe:2.3:o:dell:poweredge_c6620_firmware:1.4.4:*:*:*:*:*:*:* cpe:2.3:o:dell:poweredge_hs5620_firmware:1.4.4:*:*:*:*:*:*:* cpe:2.3:h:dell:poweredge_r760:-:*:*:*:*:*:*:* cpe:2.3:o:dell:poweredge_r860_firmware:1.4.4:*:*:*:*:*:*:* cpe:2.3:h:dell:poweredge_mx760c:-:*:*:*:*:*:*:* cpe:2.3:h:dell:poweredge_r960:-:*:*:*:*:*:*:* cpe:2.3:o:dell:poweredge_r760xs_firmware:1.4.4:*:*:*:*:*:*:* cpe:2.3:h:dell:poweredge_hs5610:-:*:*:*:*:*:*:* |
05 Dec 2023, 16:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-12-05 16:15
Updated : 2024-11-21 08:25
NVD link : CVE-2023-44298
Mitre link : CVE-2023-44298
CVE.ORG link : CVE-2023-44298
JSON object : View
Products Affected
dell
- poweredge_hs5610_firmware
- poweredge_r860_firmware
- poweredge_r760xs
- poweredge_hs5620
- poweredge_t560_firmware
- poweredge_r760xd2
- poweredge_r660_firmware
- poweredge_r960_firmware
- poweredge_mx760c
- poweredge_r660xs
- poweredge_r860
- poweredge_c6620_firmware
- poweredge_mx760c_firmware
- poweredge_r760xs_firmware
- poweredge_r760xa_firmware
- poweredge_r760
- poweredge_r760xa
- poweredge_hs5620_firmware
- poweredge_hs5610
- poweredge_c6620
- poweredge_t560
- poweredge_r660
- poweredge_r760_firmware
- poweredge_r960
- poweredge_r760xd2_firmware
- poweredge_r660xs_firmware