DSA-2022-208: Dell BSAFE SSL-J 6.5 and 7.1 and Dell BSAFE Crypto-J 6.2.6.1 and 7.0 Security Vulnerability
摘要: Dell BSAFE SSL-J and Dell BSAFE Crypto-J contain remediation for a vulnerability that may be exploited by malicious users to compromise the affected system.
本文章適用於
本文章不適用於
本文無關於任何特定產品。
本文未識別所有產品版本。
影響
Critical
詳細資料
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
|---|---|---|---|
| CVE-2022-34381 | Dell BSAFE SSL-J version 7.0 and all versions prior to 6.5, and Dell BSAFE Crypto-J versions prior to 6.2.6.1 contain an unmaintained third-party component vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to the compromise of the impacted system. This is a Critical vulnerability and Dell recommends customers to upgrade at the earliest opportunity. | 9.1 | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
|---|---|---|---|
| CVE-2022-34381 | Dell BSAFE SSL-J version 7.0 and all versions prior to 6.5, and Dell BSAFE Crypto-J versions prior to 6.2.6.1 contain an unmaintained third-party component vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to the compromise of the impacted system. This is a Critical vulnerability and Dell recommends customers to upgrade at the earliest opportunity. | 9.1 | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
受影響的產品與補救措施
| CVE(s) addressed | Product | Affected Versions | Remediated Versions | Link |
|---|---|---|---|---|
| CVE-2022-34381 | Dell BSAFE SSL-J | Versions prior to 6.5, and version 7.0 | Version 6.5 and 7.1 | How To Request a Dell BSAFE product download |
| CVE-2022-34381 | Dell BSAFE Crypto-J |
Versions prior to 6.2.6.1 |
Version 6.2.6.1 and 7.0 |
How To Request a Dell BSAFE product download |
| CVE(s) addressed | Product | Affected Versions | Remediated Versions | Link |
|---|---|---|---|---|
| CVE-2022-34381 | Dell BSAFE SSL-J | Versions prior to 6.5, and version 7.0 | Version 6.5 and 7.1 | How To Request a Dell BSAFE product download |
| CVE-2022-34381 | Dell BSAFE Crypto-J |
Versions prior to 6.2.6.1 |
Version 6.2.6.1 and 7.0 |
How To Request a Dell BSAFE product download |
因應措施與緩解措施
Workarounds or mitigation may exist based on individual use case and usage of the product. Only customers with active BSAFE maintenance contracts can receive details about the vulnerabilities, including possible workaround or mitigations.
修訂歷史記錄
| Revision | Date | Description |
|---|---|---|
| 1.0 | 2022-09-12 | Initial Release. |
| 2.0 | 2023-08-08 | Major Revision: disclosing CVE iD, CVSS score, details. |
| 3.0 | 2023-08-08 | Minor formatting changes without content change. |
相關資訊
法律免責聲明
受影響的產品
BSAFE Crypto-J, BSAFE SSL-J文章屬性
文章編號: 000203278
文章類型: Dell Security Advisory
上次修改時間: 08 8月 2023
向其他 Dell 使用者尋求您問題的答案
支援服務
檢查您的裝置是否在支援服務的涵蓋範圍內。