Impact
Critical
Details
Proprietary Code CVEs |
Description |
CVSS Base Score |
CVSS Vector String |
CVE-2022-34381 |
Dell BSAFE SSL-J version 7.0 and all versions prior to 6.5, and Dell BSAFE Crypto-J versions prior to 6.2.6.1 contain an unmaintained third-party component vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to the compromise of the impacted system. This is a Critical vulnerability and Dell recommends customers to upgrade at the earliest opportunity. |
9.1 |
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
Proprietary Code CVEs |
Description |
CVSS Base Score |
CVSS Vector String |
CVE-2022-34381 |
Dell BSAFE SSL-J version 7.0 and all versions prior to 6.5, and Dell BSAFE Crypto-J versions prior to 6.2.6.1 contain an unmaintained third-party component vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to the compromise of the impacted system. This is a Critical vulnerability and Dell recommends customers to upgrade at the earliest opportunity. |
9.1 |
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.
Workarounds & Mitigations
Workarounds or mitigation may exist based on individual use case and usage of the product. Only customers with active BSAFE maintenance contracts can receive details about the vulnerabilities, including possible workaround or mitigations.
Revision History
Revision | Date | Description |
---|
1.0 | 2022-09-12 | Initial Release. |
2.0 | 2023-08-08 | Major Revision: disclosing CVE iD, CVSS score, details. |
3.0 | 2023-08-08 | Minor formatting changes without content change. |
Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide
Affected Products
BSAFE Crypto-J, BSAFE SSL-J