Vulnerabilities > CVE-2022-34364 - Exposure of Resource to Wrong Sphere vulnerability in Dell Bsafe Ssl-J

CVSS 4.4 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

local

low complexity

dell

CWE-668

NVD

Published: 2023-02-10

Updated: 2024-01-22

Summary

Dell BSAFE SSL-J, versions before 6.5 and version 7.0 contain a debug message revealing unnecessary information vulnerability. This may lead to disclosing sensitive information to a locally privileged user. .

Vulnerable Configurations

Part	Description	Count
Application	Dell Dell Bsafe SSL J 7.0 Dell Bsafe SSL J - Dell Bsafe SSL J 3.0 Dell Bsafe SSL J 3.0.1 Dell Bsafe SSL J 3.1 Dell Bsafe SSL J 5.0 Dell Bsafe SSL J 5.1 Dell Bsafe SSL J 5.1.1 Dell Bsafe SSL J 5.1.2 Dell Bsafe SSL J 5.1.3 Dell Bsafe SSL J 5.1.4 Dell Bsafe SSL J 5.2 Dell Bsafe SSL J 6.0 Dell Bsafe SSL J 6.0.1 Dell Bsafe SSL J 6.0.2 Dell Bsafe SSL J 6.1 Dell Bsafe SSL J 6.1.1 Dell Bsafe SSL J 6.1.2 Dell Bsafe SSL J 6.1.3 Dell Bsafe SSL J 6.1.4 Dell Bsafe SSL J 6.2 Dell Bsafe SSL J 6.2.1 Dell Bsafe SSL J 6.2.2 Dell Bsafe SSL J 6.2.4 Dell Bsafe SSL J 6.2.4.1 Dell Bsafe SSL J 6.2.5 Dell Bsafe SSL J 6.2.6 Dell Bsafe SSL J 6.2.7 Dell Bsafe SSL J 6.3 Dell Bsafe SSL J 6.3.1 Dell Bsafe SSL J 6.4	31

Common Weakness Enumeration (CWE)

CWE-668 - Exposure of Resource to Wrong Sphere

References

https://www.dell.com/support/kbdoc/en-us/000203275/dsa-2022-188-dell-bsafe-ssl-j-6-5-and-7-1-security-vulnerability