CVE-2024-22463

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-22463
Dell PowerScale OneFS 8.2.x through 9.6.0.x contains a use of a broken or risky cryptographic algorithm vulnerability. A remote unprivileged attacker could potentially exploit this vulnerability, leading to compromise of confidentiality and integrity of sensitive information

7.4 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.2 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://www.dell.com/support/kbdoc/en-us/000222691/dsa-2024-062-security-update-for-dell-powerscale-onefs-for-proprietary-code-vulnerabilities Vendor Advisory
https://www.dell.com/support/kbdoc/en-us/000222691/dsa-2024-062-security-update-for-dell-powerscale-onefs-for-proprietary-code-vulnerabilities Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:dell:powerscale_onefs:*:*:*:*:*:*:*:*
cpe:2.3:a:dell:powerscale_onefs:*:*:*:*:*:*:*:*
cpe:2.3:a:dell:powerscale_onefs:9.6.1:*:*:*:*:*:*:*
History

08 Jan 2025, 15:46

Type Values Removed Values Added
First Time Dell
Dell powerscale Onefs
CPE cpe:2.3:a:dell:powerscale_onefs:*:*:*:*:*:*:*:*
cpe:2.3:a:dell:powerscale_onefs:9.6.1:*:*:*:*:*:*:*
References () https://www.dell.com/support/kbdoc/en-us/000222691/dsa-2024-062-security-update-for-dell-powerscale-onefs-for-proprietary-code-vulnerabilities - () https://www.dell.com/support/kbdoc/en-us/000222691/dsa-2024-062-security-update-for-dell-powerscale-onefs-for-proprietary-code-vulnerabilities - Vendor Advisory

21 Nov 2024, 08:56

Type Values Removed Values Added
Summary
  • (es) Dell PowerScale OneFS 8.2.x a 9.6.0.x contiene una vulnerabilidad de algoritmo criptográfico roto o riesgoso. Un atacante remoto sin privilegios podría explotar esta vulnerabilidad, lo que comprometería la confidencialidad y la integridad de la información confidencial.
References () https://www.dell.com/support/kbdoc/en-us/000222691/dsa-2024-062-security-update-for-dell-powerscale-onefs-for-proprietary-code-vulnerabilities - () https://www.dell.com/support/kbdoc/en-us/000222691/dsa-2024-062-security-update-for-dell-powerscale-onefs-for-proprietary-code-vulnerabilities -

04 Mar 2024, 14:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-03-04 14:15

Updated : 2025-01-08 15:46

NVD link : CVE-2024-22463

Mitre link : CVE-2024-22463

CVE.ORG link : CVE-2024-22463

JSON object : View

Products Affected

dell

  • powerscale_onefs
CWE
CWE-327

Use of a Broken or Risky Cryptographic Algorithm