DSA-2022-188: Dell BSAFE SSL-J Security Update for a Debug Messages Revealing Unnecessary Information Vulnerability

Summary: Dell BSAFE SSL-J remediation is available to address a vulnerability that may be exploited by malicious users to compromise the affected system.

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Impact

Medium

Details

Proprietary Code CVE Product CVSS Base Score CVSS Vector String
CVE-2022-34364 Dell BSAFE SSL-J, versions before 6.5 and version 7.0 contain a debug message revealing unnecessary information vulnerability. This may lead to disclosing sensitive information to a locally privileged user. 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:NThis hyperlink is taking you to a website outside of Dell Technologies.  
Proprietary Code CVE Product CVSS Base Score CVSS Vector String
CVE-2022-34364 Dell BSAFE SSL-J, versions before 6.5 and version 7.0 contain a debug message revealing unnecessary information vulnerability. This may lead to disclosing sensitive information to a locally privileged user. 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:NThis hyperlink is taking you to a website outside of Dell Technologies.  
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

CVEs addressed Product Affected Versions Updated Versions
CVE-2022-34364 Dell BSAFE SSL-J All versions before 6.5
7.0		 6.5
7.1
CVEs addressed Product Affected Versions Updated Versions
CVE-2022-34364 Dell BSAFE SSL-J All versions before 6.5
7.0		 6.5
7.1

Workarounds & Mitigations

Workarounds or mitigations may exist based on individual use case and usage of the product. Customers with an active BSAFE SSL-J maintenance contract should contact Dell BSAFE Support at bsafe.support@dell.com, or bsafe.support.japan@dell.com for further details.

Revision History

Revision DateDescription
1.02022-09-12Initial Release
2.02023-02-17Major Update
2.12023-02-23Minor Revision
3.02024-01-15Added missing link to the CVSS calculator
updated the CVE description
4.02024-01-15Updated the formatting without any change to the contents.

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Disclaimer

Affected Products

BSAFE SSL-J, Product Security Information
Article Properties
Article Number: 000203275
Article Type: Dell Security Advisory
Last Modified: 15 Jan 2024
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.