PT-2023-21517 · Dell · Dell Networker Virtual Edition
Published
2023-12-18
·
Updated
2024-02-22
·
CVE-2023-28053
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Dell NetWorker Virtual Edition versions 19.8 and below
Description
The issue concerns the use of deprecated cryptographic algorithms in the SSH component, which could be exploited by a remote unauthenticated attacker, potentially leading to information disclosure.
Recommendations
For versions 19.8 and below, update to a version above 19.8 to resolve the issue.
As a temporary workaround, consider restricting access to the SSH component until a patch is available.
Fix
Use of a Broken Cryptographic Algorithm
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Dell Networker Virtual Edition