DSA-2023-156: Security Update for Dell BSAFE SSL-J Dell BSAFE SSL-J Vulnerability

Resumen: Dell BSAFE SSL-J remediation is available to address a vulnerability that could be exploited by malicious users to compromise the affected system.

Este artículo se aplica a Este artículo no se aplica a Este artículo no está vinculado a ningún producto específico. No se identifican todas las versiones del producto en este artículo.
Consulte estos recursos

Impacto

Medium

Detalles

Proprietary Code CVE Description CVSS Base Score CVSS Vector String
CVE-2023-28077 Dell BSAFE SSL-J, versions prior to 6.5, and versions 7.0 and 7.1 contain a debug message revealing unnecessary information vulnerability. This may lead to disclosing sensitive information to a locally privileged user.  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:NThis hyperlink is taking you to a website outside of Dell Technologies.
Proprietary Code CVE Description CVSS Base Score CVSS Vector String
CVE-2023-28077 Dell BSAFE SSL-J, versions prior to 6.5, and versions 7.0 and 7.1 contain a debug message revealing unnecessary information vulnerability. This may lead to disclosing sensitive information to a locally privileged user.  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:NThis hyperlink is taking you to a website outside of Dell Technologies.
Dell Technologies recomienda que todos los clientes tengan en cuenta tanto la puntuación base como cualquier otra puntuación ambiental y temporal relevante que pueda afectar la posible gravedad asociada con la vulnerabilidad de seguridad en particular.

Corrección y productos afectados

Product Affected Version(s) Updated Version(s) Link to Update
Dell BSAFE SSL-J 6.0.x - 6.5
7.0
7.1		 6.5.1
7.1.1		 How To Request a Dell BSAFE product download
NOTE: The table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.
Product Affected Version(s) Updated Version(s) Link to Update
Dell BSAFE SSL-J 6.0.x - 6.5
7.0
7.1		 6.5.1
7.1.1		 How To Request a Dell BSAFE product download
NOTE: The table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.

Soluciones alternativas y mitigaciones

Workarounds or mitigations may exist based on individual use case and usage of the product. Customers with an active BSAFE SSL-J maintenance contract should contact Dell BSAFE Support at bsafe.support@dell.com, or bsafe.support.japan@dell.com for further details.

Historial de revisiones

RevisionDateDescription
1.0

2023-05-19

Initial Release
2.0

2023-07-19

Updated "Affected Products and Remediation" section
3.0

2023-09-14

Updated "Proprietary Code " section 
4.0

2024-01-12

Updated the detailed public description
5.0

2024-01-12

Formatting update without any change to content
6.0

2024-01-12

Updated the detailed public description
7.0

2024-09-23

Updated backend information to improve self-serve alignment.

Información relacionada

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Descargo de responsabilidad

Productos afectados

BSAFE SSL-J
Propiedades del artículo
Número del artículo: 000214287
Tipo de artículo: Dell Security Advisory
Última modificación: 23 sept. 2024
Encuentre respuestas a sus preguntas de otros usuarios de Dell
Servicios de soporte
Compruebe si el dispositivo está cubierto por los servicios de soporte.