DSA-2023-283: Security Update for Dell SmartFabric Storage Software Vulnerabilities

摘要: Dell SmartFabric Storage Software remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

影响

详情

受影响的产品和补救措施

解决方法和缓解措施

修订历史记录

法律免责声明

受影响的产品

提供反馈

本文适用于本文不适用于本文并非针对某种特定的产品。本文并非包含所有产品版本。

查看其他资源

影响

Critical

详情

Proprietary Code CVEs	Description	CVSS Base Score	CVSS Vector String
CVE-2023-32485	Dell SmartFabric Storage Software version 1.3 and lower contain an improper input validation vulnerability. A remote unauthenticated attacker may exploit this vulnerability and escalate privileges up to the highest administration level. This is a critical severity vulnerability affecting user authentication. Dell recommends customers to upgrade at the earliest opportunity.	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Proprietary Code CVEs	Description	CVSS Base Score	CVSS Vector String
CVE-2023-32485	Dell SmartFabric Storage Software version 1.3 and lower contain an improper input validation vulnerability. A remote unauthenticated attacker may exploit this vulnerability and escalate privileges up to the highest administration level. This is a critical severity vulnerability affecting user authentication. Dell recommends customers to upgrade at the earliest opportunity.	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Dell Technologies 建议所有客户考虑 CVSS 基本分数以及任何相关的时间和环境分数，这可能会影响与特定安全漏洞相关的潜在严重程度。

受影响的产品和补救措施

CVEs Addressed	Product	Affected Versions	Remediated Versions	Link
CVE-2023-32485	Dell SmartFabric Storage Software	Versions before 1.4.0	1.4.0	https://www.dell.com/support

CVEs Addressed	Product	Affected Versions	Remediated Versions	Link
CVE-2023-32485	Dell SmartFabric Storage Software	Versions before 1.4.0	1.4.0	https://www.dell.com/support

解决方法和缓解措施

none

修订历史记录

Revision	Date	Description
1.0	2023-08-08	Initial Release
2.0	2023-10-05	Major Revision: added relevant URL to the CVEand modified minor formatting without content change.

法律免责声明

受影响的产品

SmartFabric Storage Software for NVMe/TCP SAN, SmartFabric Storage Software Download for NVMe/TCP SAN

文章编号: 000216587

文章类型: Dell Security Advisory

上次修改时间: 05 10月 2023

DSA-2023-283: Security Update for Dell SmartFabric Storage Software Vulnerabilities

摘要: Dell SmartFabric Storage Software remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

影响

详情

受影响的产品和补救措施

解决方法和缓解措施

修订历史记录

相关信息

法律免责声明

受影响的产品

影响

详情

受影响的产品和补救措施

解决方法和缓解措施

修订历史记录

相关信息

法律免责声明

受影响的产品

文章属性

从其他戴尔用户那里查找问题的答案

支持服务

文章属性

从其他戴尔用户那里查找问题的答案

支持服务

DSA-2023-283: Security Update for Dell SmartFabric Storage Software Vulnerabilities

摘要: Dell SmartFabric Storage Software remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

详细文章

影响

详情

受影响的产品和补救措施

解决方法和缓解措施

修订历史记录

相关信息

法律免责声明

受影响的产品

文章属性

从其他戴尔用户那里查找问题的答案

支持服务

文章属性

从其他戴尔用户那里查找问题的答案

支持服务