Vulnerabilities > CVE-2023-32449 - Unspecified vulnerability in Dell Powerstoret OS

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

dell

NVD

Published: 2023-06-22

Updated: 2024-11-21

Summary

Dell PowerStore versions prior to 3.5 contain an improper verification of cryptographic signature vulnerability. An attacker can trick a high privileged user to install a malicious binary by bypassing the existing cryptographic signature checks

Vulnerable Configurations

Part	Description	Count
OS	Dell Dell Powerstoret OS *	1
Hardware	Dell Dell Powerstore 500T - Dell Powerstore 1000T - Dell Powerstore 1200T - Dell Powerstore 3200T - Dell Powerstore 3000T - Dell Powerstore 5200T - Dell Powerstore 5000T - Dell Powerstore 7000T - Dell Powerstore 9000T - Dell Powerstore 9200T -	10

References

https://www.dell.com/support/kbdoc/en-us/000215171/dsa-2023-173-dell-powerstore-family-security-update-for-multiple-vulnerabilities
https://www.dell.com/support/kbdoc/en-us/000215171/dsa-2023-173-dell-powerstore-family-security-update-for-multiple-vulnerabilities