PT-2023-23807 · Dell · Dell Vxrail
Published
2023-06-23
·
Updated
2023-07-05
·
CVE-2023-32464
CVSS v3.1
3.3
Low
| Vector | AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Dell VxRail versions prior to 7.0.450
Description
The issue concerns an improper certificate validation, which could be exploited by a high privileged remote attacker to carry out a man-in-the-middle attack. This attack involves supplying a crafted certificate to intercept the victim's traffic, allowing the attacker to view or modify the victim's data in transit.
Recommendations
For versions prior to 7.0.450, update to version 7.0.450 or later to resolve the issue.
Fix
Improper Certificate Validation
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Dell Vxrail