Dell Unity: Security Vulnerability CVE-2023-34329 and CVE-2023-34330 - False Positive
摘要: Unity is NOT impacted by Security Vulnerability CVE-2023-34329 and CVE-2023-34330.
本文章適用於
本文章不適用於
本文無關於任何特定產品。
本文未識別所有產品版本。
症狀
CVE-2023-34329
AMI MegaRAC SPx12 contains a vulnerability in BMC where a User may cause an authentication bypass by spoofing the HTTP header. A successful exploit of this vulnerability may lead to loss of confidentiality, integrity, and availability.
CVE-2023-34330
AMI SPx contains a vulnerability in the BMC where a user may inject code which could be run using a Dynamic Redfish Extension interface. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity, and availability.
AMI MegaRAC SPx12 contains a vulnerability in BMC where a User may cause an authentication bypass by spoofing the HTTP header. A successful exploit of this vulnerability may lead to loss of confidentiality, integrity, and availability.
CVE-2023-34330
AMI SPx contains a vulnerability in the BMC where a user may inject code which could be run using a Dynamic Redfish Extension interface. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity, and availability.
原因
Both the vulnerabilities relate to AMI MegaRAC. The Unity array does not use AMI MegaRAC and there is no exposure to these two vulnerabilities.
解析度
This is a false-positive. Unity is not impacted.
受影響的產品
Dell EMC Unity, Dell EMC Unity Family文章屬性
文章編號: 000217584
文章類型: Solution
上次修改時間: 12 12月 2023
版本: 2
向其他 Dell 使用者尋求您問題的答案
支援服務
檢查您的裝置是否在支援服務的涵蓋範圍內。