DSA-2023-282: Security Update for Dell Storage Integration Tools for VMWare (DSITV), Dell Storage vSphere Client Plugin (DSVCP), and Replay Manager for VMware (RMSV) Information Disclosure Vulnerability
Summary: Dell Storage Integration Tools for VMWare (DSITV), Dell Storage vSphere Client Plugin (DSVCP), and Replay Manager for VMware (RMSV) remediation is available for an information disclosure vulnerability that could be exploited by malicious users to compromise the affected system. ...
Αυτό το άρθρο ισχύει για
Αυτό το άρθρο δεν ισχύει για
Αυτό το άρθρο δεν συνδέεται με κάποιο συγκεκριμένο προϊόν.
Δεν προσδιορίζονται όλες οι εκδόσεις προϊόντων σε αυτό το άρθρο.
Impact
High
Details
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
|---|---|---|---|
| CVE-2023-39250 | Dell Storage Integration Tools for VMware (DSITV) and Dell Storage vSphere Client Plugin (DSVCP) versions prior to 6.1.1 and Replay Manager for VMware (RMSV) versions prior to 3.1.2 contain an information disclosure vulnerability. A local low-privileged malicious user could potentially exploit this vulnerability to retrieve an encryption key that could aid in further attacks. | 7.8 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H  |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
|---|---|---|---|
| CVE-2023-39250 | Dell Storage Integration Tools for VMware (DSITV) and Dell Storage vSphere Client Plugin (DSVCP) versions prior to 6.1.1 and Replay Manager for VMware (RMSV) versions prior to 3.1.2 contain an information disclosure vulnerability. A local low-privileged malicious user could potentially exploit this vulnerability to retrieve an encryption key that could aid in further attacks. | 7.8 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Επηρεαζόμενα προϊόντα και αποκατάσταση
| Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
|---|---|---|---|---|
| Dell Storage Integration Tools for VMware (DSITV) | VMware | Versions prior to 6.1.1 | Version 6.1.1 | Drivers and Downloads |
| Dell Storage vSphere Client Plugin (DSVCP) | VMware | Versions prior to 6.1.1 | Version 6.1.1 | Drivers and Downloads |
| Replay Manager for VMware (RMSV) | VMware | Versions prior to 3.1.2 | Version 3.1.2 | Drivers and Downloads |
| Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
|---|---|---|---|---|
| Dell Storage Integration Tools for VMware (DSITV) | VMware | Versions prior to 6.1.1 | Version 6.1.1 | Drivers and Downloads |
| Dell Storage vSphere Client Plugin (DSVCP) | VMware | Versions prior to 6.1.1 | Version 6.1.1 | Drivers and Downloads |
| Replay Manager for VMware (RMSV) | VMware | Versions prior to 3.1.2 | Version 3.1.2 | Drivers and Downloads |
NOTE: Please note that Dell Storage Integration Tools for VMware (DSITV), Dell Storage vSphere Client Plugin (DSVCP), and Replay Manager for VMware (RMSV) are included as part of the same download.
Λύσεις και μετριασμοί
| CVE ID | Workaround and Mitigation |
|---|---|
| CVE-2023-39250 |
|
Revision History
| Revision | Date | Description |
|---|---|---|
| 1.0 | 2023-08-11 | Initial Release |
| 1.1 | 2023-08-14 | Updated “Workarounds and Mitigations” section |
| 2.0 | 2023-10-09 | Full Release |
| 3.0 | 2023-10-10 | Updated for clarity |
Acknowledgements
Dell Technologies would like to thank Tom Pohl for reporting this issue.
Related Information
Νομική αποποίηση ευθύνης
Επηρεαζόμενα προϊόντα
Dell Compellent SC4020, Dell Storage SC8000, Dell Compellent Series 40, Dell Storage SCv2000, Dell Storage SCv2020, Dell Storage SCv2080, Dell Storage SC5020, Dell Storage SC5020F, Dell Storage SC7020, Dell Storage SC7020F, Dell Storage SC9000
, Dell Storage SCv3000, Dell Storage SCv3020
...
Ιδιότητες άρθρου
Article Number: 000216615
Article Type: Dell Security Advisory
Τελευταία τροποποίηση: 10 Οκτ 2023
Βρείτε απαντήσεις στις ερωτήσεις σας από άλλους χρήστες της Dell
Υπηρεσίες υποστήριξης
Ελέγξτε αν η συσκευή σας καλύπτεται από τις Υπηρεσίες υποστήριξης.