DSA-2022-208: Dell BSAFE SSL-J 6.5 and 7.1 and Dell BSAFE Crypto-J 6.2.6.1 and 7.0 Security Vulnerability
Resumen: Dell BSAFE SSL-J and Dell BSAFE Crypto-J contain remediation for a vulnerability that may be exploited by malicious users to compromise the affected system.
Este artículo se aplica a
Este artículo no se aplica a
Este artículo no está vinculado a ningún producto específico.
No se identifican todas las versiones del producto en este artículo.
Impacto
Critical
Detalles
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
|---|---|---|---|
| CVE-2022-34381 | Dell BSAFE SSL-J version 7.0 and all versions prior to 6.5, and Dell BSAFE Crypto-J versions prior to 6.2.6.1 contain an unmaintained third-party component vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to the compromise of the impacted system. This is a Critical vulnerability and Dell recommends customers to upgrade at the earliest opportunity. | 9.1 | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
|---|---|---|---|
| CVE-2022-34381 | Dell BSAFE SSL-J version 7.0 and all versions prior to 6.5, and Dell BSAFE Crypto-J versions prior to 6.2.6.1 contain an unmaintained third-party component vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to the compromise of the impacted system. This is a Critical vulnerability and Dell recommends customers to upgrade at the earliest opportunity. | 9.1 | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
Corrección y productos afectados
| CVE(s) addressed | Product | Affected Versions | Remediated Versions | Link |
|---|---|---|---|---|
| CVE-2022-34381 | Dell BSAFE SSL-J | Versions prior to 6.5, and version 7.0 | Version 6.5 and 7.1 | How To Request a Dell BSAFE product download |
| CVE-2022-34381 | Dell BSAFE Crypto-J |
Versions prior to 6.2.6.1 |
Version 6.2.6.1 and 7.0 |
How To Request a Dell BSAFE product download |
| CVE(s) addressed | Product | Affected Versions | Remediated Versions | Link |
|---|---|---|---|---|
| CVE-2022-34381 | Dell BSAFE SSL-J | Versions prior to 6.5, and version 7.0 | Version 6.5 and 7.1 | How To Request a Dell BSAFE product download |
| CVE-2022-34381 | Dell BSAFE Crypto-J |
Versions prior to 6.2.6.1 |
Version 6.2.6.1 and 7.0 |
How To Request a Dell BSAFE product download |
Soluciones alternativas y mitigaciones
Workarounds or mitigation may exist based on individual use case and usage of the product. Only customers with active BSAFE maintenance contracts can receive details about the vulnerabilities, including possible workaround or mitigations.
Historial de revisiones
| Revision | Date | Description |
|---|---|---|
| 1.0 | 2022-09-12 | Initial Release. |
| 2.0 | 2023-08-08 | Major Revision: disclosing CVE iD, CVSS score, details. |
| 3.0 | 2023-08-08 | Minor formatting changes without content change. |
Información relacionada
Descargo de responsabilidad
Productos afectados
BSAFE Crypto-J, BSAFE SSL-JPropiedades del artículo
Número del artículo: 000203278
Tipo de artículo: Dell Security Advisory
Última modificación: 08 ago. 2023
Encuentre respuestas a sus preguntas de otros usuarios de Dell
Servicios de soporte
Compruebe si el dispositivo está cubierto por los servicios de soporte.