Skip to main content
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.

Article Number: 000181098


DSA-2020-114: Dell BSAFE™ Micro Edition Suite Multiple Security Vulnerabilities

Summary: Dell BSAFE Micro Edition Suite contains remediation for multiple vulnerabilities that could be exploited by malicious users to compromise the affected system.

Article Content


Impact

High

Details

CVE-2020-5360: Buffer Under-Read
Dell BSAFE Micro Edition Suite, versions prior to 4.5, are vulnerable to a Buffer Under-Read Vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability resulting in undefined behaviour, or a crash of the affected systems.
CVSS v3.1 Base Score: 7.5 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N)

CVE-2020-5359: Unchecked Return Value
Dell BSAFE Micro Edition Suite, versions prior to 4.5, are vulnerable to an Unchecked Return Value Vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability to modify and corrupt the encrypted data.
CVSS v3.1 Base Score: 5.8 (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N)

CVE-2020-5360: Buffer Under-Read
Dell BSAFE Micro Edition Suite, versions prior to 4.5, are vulnerable to a Buffer Under-Read Vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability resulting in undefined behaviour, or a crash of the affected systems.
CVSS v3.1 Base Score: 7.5 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N)

CVE-2020-5359: Unchecked Return Value
Dell BSAFE Micro Edition Suite, versions prior to 4.5, are vulnerable to an Unchecked Return Value Vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability to modify and corrupt the encrypted data.
CVSS v3.1 Base Score: 5.8 (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N)

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products and Remediation

Affected products:
Dell BSAFE Micro Edition Suite releases prior to 4.5.

Remediation:
The following releases contains resolutions to these vulnerabilities:

Dell BSAFE Micro Edition Suite 4.5

Dell recommends all customers upgrade at the earliest opportunity.
Affected products:
Dell BSAFE Micro Edition Suite releases prior to 4.5.

Remediation:
The following releases contains resolutions to these vulnerabilities:

Dell BSAFE Micro Edition Suite 4.5

Dell recommends all customers upgrade at the earliest opportunity.
Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide


Article Properties


Affected Product

BSAFE Micro Edition Suite

Last Published Date

15 Dec 2020

Version

1

Article Type

Dell Security Advisory