Critical
Proprietary Code CVEs | Description | CVSS Vector String |
---|---|---|
CVE-2023-34329 | AMI MegaRAC SPx12 contains a vulnerability in BMC where a User may cause an authentication bypass by spoofing the HTTP header. A successful exploit of this vulnerability may lead to loss of confidentiality, integrity, and availability. | See NVD link below for individual scores for each CVE. |
CVE-2023-34472 | AMI SPx contains a vulnerability in the BMC where an Attacker may cause an improper neutralization of CRLF sequences in HTTP Headers. A successful exploit of this vulnerability may lead to a loss of integrity. | See NVD link below for individual scores for each CVE. |
CVEs Addressed | Product | Software/Firmware |
Affected Versions | Remediated Versions | Link |
CVE-2023-34329 | Z9432F-ON | Firmware | Versions prior to v3.51.5.1-18 | Version v3.51.5.1-18 or later | https://www.dell.com/support/home/en-us/product-support/product/networking-z9432f-on/drivers |
CVE-2023-34472 | Z9432F-ON | Firmware | Versions prior to v3.51.5.1-18 | Version v3.51.5.1-18 or later | https://www.dell.com/support/home/en-us/product-support/product/networking-z9432f-on/drivers |
CVE-2023-34329 | S5448F-ON | Firmware | Versions prior to v3.52.5.1-10 | Version v3.52.5.1-10 or later | https://www.dell.com/support/home/en-us/product-support/product/networking-s5448f-on/drivers |
CVE-2023-34472 | S5448-ON | Firmware | Versions prior to v3.52.5.1-10 | Version v3.52.5.1-10 or later | https://www.dell.com/support/home/en-us/product-support/product/networking-s5448f-on/drivers |
CVEs Addressed | Product | Software/Firmware |
Affected Versions | Remediated Versions | Link |
CVE-2023-34329 | Z9432F-ON | Firmware | Versions prior to v3.51.5.1-18 | Version v3.51.5.1-18 or later | https://www.dell.com/support/home/en-us/product-support/product/networking-z9432f-on/drivers |
CVE-2023-34472 | Z9432F-ON | Firmware | Versions prior to v3.51.5.1-18 | Version v3.51.5.1-18 or later | https://www.dell.com/support/home/en-us/product-support/product/networking-z9432f-on/drivers |
CVE-2023-34329 | S5448F-ON | Firmware | Versions prior to v3.52.5.1-10 | Version v3.52.5.1-10 or later | https://www.dell.com/support/home/en-us/product-support/product/networking-s5448f-on/drivers |
CVE-2023-34472 | S5448-ON | Firmware | Versions prior to v3.52.5.1-10 | Version v3.52.5.1-10 or later | https://www.dell.com/support/home/en-us/product-support/product/networking-s5448f-on/drivers |
none
Revision | Date | Description |
---|---|---|
1.0 | 2024-03-21 | Initial Release |
2.0 | 2024-03-22 | removed unneeded CVSS score column |